Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Yahoo.com plötzlich als Startseite

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.04.2013, 21:35   #1
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Hallo,

ich bin leider schon wieder auf eure Hilfe angewiesen und hoffe, ihr leitet mich wieder so nett durch den ganzen Prozess durch wie beim ersten Mal.

Wie im Betreff beschrieben, hat nach einem Codec-Update (zumindest ist es mir erst danach aufgefallen) sich Yahoo.com selbst als Startseite samt Toolbar eingerichtet. Die Startseite ließ sich bei Firefox und im Internet-Explorer problemlos wieder umstellen. Und bleibt jetzt auch auf meinen eigenen Einstellungen. Den Toolbar konnte ich ebenfalls zumindest optisch entfernen. Ich habe trotzdem Bedenken, ob da noch mehr ist, was ich nicht sehen kann.

Ich habe die von euch vorgegebenen Erstschritte gesetzt:

1. Defogger
Scan war ergebnislos.

2. OTL
Es wurde nur eine Logdatei erstellt (otl.txt, KEIN extra.txt). Das ist Dateiinhalt:

Code:
ATTFilter
OTL logfile created on: 21.04.2013 20:06:52 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ms\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000C07 | Country: | Language:  | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 72,24% Memory free
7,79 Gb Paging File | 5,61 Gb Available in Paging File | 71,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,27 Gb Total Space | 366,24 Gb Free Space | 82,07% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BOERTA | User Name: ms | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ms\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\C2MP\TrayMenu.exe ()
PRC - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\SafeConnect\scManager.sys (Impulse Point, LLC)
PRC - C:\Program Files (x86)\SafeConnect\scClient.exe (Impulse Point, LLC)
PRC - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation)
PRC - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\C2MP\TrayMenu.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SCManager) -- C:\Program Files (x86)\SafeConnect\scManager.sys (Impulse Point, LLC)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV - (Sony SCSI Helper Service) -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (BTHSSecurityMgr) -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (AMPPALR3) -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor10.0) -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (rimssne) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (risdsnxc) -- C:\Windows\SysNative\drivers\risdsnxc64.sys (REDC)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com?type=888596&fr=spigot-yhp-ie
IE - HKCU\..\URLSearchHook: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {9E29CBE5-5219-48EB-B28E-1F3B5F806E73}
IE - HKCU\..\SearchScopes\{3FFE8CF1-4A99-45A3-B536-2E3D16234D1A}: "URL" = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}
IE - HKCU\..\SearchScopes\{9E29CBE5-5219-48EB-B28E-1F3B5F806E73}: "URL" = hxxp://rover.ebay.com/rover/1/5221-29898-16445-29/4?mpre=hxxp://shop.ebay.at/?oemInLn=ieSrch-Q212&_nkw={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=888596"
FF - prefs.js..browser.search.selectedEngine: "Amazon.de"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://google.at"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=888596&p="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 15:34:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 15:34:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 15:34:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 15:34:06 | 000,000,000 | ---D | M]
 
[2013.03.05 02:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\Extensions
[2013.04.21 19:45:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\Firefox\Profiles\k6cyhvxy.default\extensions
[2013.04.12 15:46:41 | 000,783,286 | ---- | M] () (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\extensions\ext@sprng.me.xpi
[2013.04.15 15:22:47 | 000,215,824 | ---- | M] () (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\extensions\pinterest-addon@felixfung.ca.xpi
[2013.04.12 15:34:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 15:34:31 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.25 06:55:08 | 000,171,584 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2013.02.16 06:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.16 06:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.16 06:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 06:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 06:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 06:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.searchnu.com/406
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.searchnu.com/406
CHR - homepage: hxxp://search.yahoo.com?type=888596&fr=spigot-yhp-ch
CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{031A699D-83FF-4904-B4E9-F5BF3A28E095}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{557CD5E5-D88D-44B9-B8A7-F81704059BAB}: DhcpNameServer = 10.100.58.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.21 20:05:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ms\Desktop\OTL.exe
[2013.04.21 18:30:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2013.04.21 18:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2013.04.21 18:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchMe Toolbar
[2013.04.21 14:43:45 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{84F1CB72-1C60-4441-BD10-B2003F3017CF}
[2013.04.21 02:43:20 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{C536DCAF-0DF2-473B-9C54-2C206556BE6A}
[2013.04.20 14:43:08 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{60E6538B-8665-4B61-99A2-AFC63FD22A30}
[2013.04.20 01:36:30 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{4EC8599E-1492-4DAB-82D3-C80D9D7A251D}
[2013.04.19 13:11:14 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{BB3A9864-1C3A-492B-A6D0-09A6CE2DEB78}
[2013.04.18 16:03:30 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{54147F05-2BDA-4665-A7E9-899032076EEB}
[2013.04.18 03:26:00 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{AE5FD8F2-65C7-4020-9451-AE107D762808}
[2013.04.17 15:25:48 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{E35933A4-1626-4A57-B96F-59BE3913DBC3}
[2013.04.17 03:25:34 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{3647FD93-2218-416F-BF91-A58AF8C8E318}
[2013.04.16 15:25:10 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{761EE486-BA54-4E19-B0CA-AC8879DA38F3}
[2013.04.16 03:24:46 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{47E750F3-F489-4F91-9714-BA1B0C976B01}
[2013.04.15 16:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.04.15 15:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2013.04.15 15:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2013.04.15 15:24:22 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{BB8F364B-2858-487E-AE22-72E1A5D584BF}
[2013.04.15 02:26:32 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{73A709E1-7241-4FF9-B88B-5A9623FBF7C6}
[2013.04.14 14:26:21 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{12DF7C96-28BF-4CAB-8681-E255030708A0}
[2013.04.14 03:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.14 02:25:56 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{871B6E1A-1161-4583-AD7E-632D8AFA2464}
[2013.04.13 14:25:45 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{5BA430F8-DECC-4252-BB66-1916B01D6A7D}
[2013.04.13 14:24:54 | 001,515,520 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax.new
[2013.04.13 14:24:54 | 001,515,520 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax
[2013.04.13 14:24:40 | 000,509,952 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax.new
[2013.04.13 14:24:40 | 000,509,952 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax
[2013.04.13 14:24:36 | 000,272,384 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax.new
[2013.04.13 14:24:36 | 000,272,384 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax
[2013.04.13 14:23:50 | 001,185,456 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax.new
[2013.04.13 14:23:50 | 001,185,456 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax
[2013.04.13 14:23:50 | 000,424,624 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax.new
[2013.04.13 14:23:50 | 000,424,624 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax
[2013.04.13 14:23:50 | 000,244,400 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax.new
[2013.04.13 14:23:50 | 000,244,400 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax
[2013.04.12 15:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.12 15:31:34 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{38B72B5E-6EB7-43C6-9FBE-E9E585E85918}
[2013.04.12 03:31:09 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{233D26DE-94A3-4FE5-90EB-A77E5400CAEE}
[2013.04.11 15:30:46 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{A0FB4E95-A9AC-49F6-8A7D-B250EA9A6B70}
[2013.04.11 03:30:21 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{458BE287-CE4F-47F9-B00B-46621FB70870}
[2013.04.10 15:29:57 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{E34B9074-C780-45A3-BBDB-E94D8175484D}
[2013.04.10 03:21:02 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{06414E75-5AF5-4F5C-9EF2-347DC59A667E}
[2013.04.09 15:20:37 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{F113D162-80A5-4632-9347-402264A20D66}
[2013.04.09 02:51:20 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{4B5D4C44-6448-45BC-AE01-7D74722E8662}
[2013.04.08 01:43:34 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{DAD02B29-5AB8-4A51-B603-A5A0EB43D715}
[2013.04.07 13:43:16 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{BEA702CF-9C3F-4B28-B6FC-76B310584FA6}
[2013.04.07 01:43:04 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{0E132C0B-61C6-41A5-83F5-398DE9E1F9A4}
[2013.04.06 13:42:51 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{C385DDBE-BD6D-4571-98A6-9322BA7CD9FB}
[2013.04.05 15:33:34 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{54C1E2D4-D539-43B1-9C20-96AAE3BEC01F}
[2013.04.05 03:33:20 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{A3970BFC-7248-46BE-A41C-42394F72D6DA}
[2013.04.04 22:41:11 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Roaming\RavensburgerTipToi
[2013.04.04 15:32:52 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{299D3ADB-B1C6-455D-BD7F-4AA681031B59}
[2013.04.04 03:32:40 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{AD07962C-3BEC-4DAE-B2AF-846FC6ABD032}
[2013.04.03 15:32:17 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{0FDAFE67-91B9-4AA4-9D3C-6975CA43D219}
[2013.04.03 02:10:56 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{6E9F3155-34DC-4799-9E14-10F5251AD431}
[2013.04.02 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{2A7CC5B8-E970-4BCA-AB50-F6EA5884D4AA}
[2013.04.02 03:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
[2013.04.02 03:57:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP
[2013.04.02 02:10:33 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{998AAA29-6EB4-45CA-A8CB-72F2FFAA5979}
[2013.04.01 14:10:08 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{16882CA1-1F39-44CD-ADE3-0C31B55F70BC}
[2013.03.31 18:22:33 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{8B98EC1C-8700-4C14-98D1-4C81B276D23F}
[2013.03.31 14:59:15 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{643D476A-2603-4630-8A89-A4047578BC2A}
[2013.03.30 18:05:32 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{B79A9384-90B3-4AC6-B414-1AE26946A8FF}
[2013.03.30 06:02:37 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{308EC441-63B8-4156-ADEB-D5C96F1A3B4E}
[2013.03.29 15:39:47 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{4B70AFE9-B49E-4CF3-8813-7B3E4B03735D}
[2013.03.29 03:24:15 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{0A15E939-6AED-426D-B459-FD67A0B58208}
[2013.03.28 15:18:04 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{369623D4-8ADA-4A08-95F9-F77B748C0924}
[2013.03.28 13:06:58 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{829093C5-BFDD-4AF5-AA76-BA3D67CDAFA4}
[2013.03.27 16:32:23 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{643EB6D2-4B3C-43EB-8543-102B5825717E}
[2013.03.27 03:53:46 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{41F4EB2D-372B-4BAE-9F0A-48FC735E4096}
[2013.03.26 15:53:22 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{8B9B1632-A84D-4E48-8009-C4F8D7FE2BAE}
[2013.03.26 03:52:58 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{6BEB655A-1CBA-4525-B30B-5BFD4AAD9D24}
[2013.03.25 15:52:37 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{B5F6A9BD-566A-43F8-9B79-AF61F2B7437D}
[2013.03.25 03:52:25 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{AB6B85FF-3A71-4318-85F4-5B6B58108464}
[2013.03.24 15:52:13 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{CDB4B7FB-8A9D-4984-82D7-2BE21E62FBC8}
[2013.03.24 02:36:58 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{10E18410-E7AF-46AB-8C2D-00DC7951A235}
[2013.03.23 14:36:46 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{6DEE87C7-B460-475D-B151-5747E22DBDDD}
[2013.03.23 02:36:22 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{68F6A860-43DD-4C1D-B3D5-CB2770745DB1}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.21 20:05:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ms\Desktop\OTL.exe
[2013.04.21 19:59:44 | 000,000,000 | ---- | M] () -- C:\Users\ms\defogger_reenable
[2013.04.21 19:59:20 | 000,050,477 | ---- | M] () -- C:\Users\ms\Desktop\Defogger.exe
[2013.04.21 19:56:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.21 19:40:46 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.21 19:40:46 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.21 19:40:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.21 18:30:02 | 000,001,873 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
[2013.04.21 14:44:08 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.21 14:44:08 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.21 14:40:41 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.21 14:40:41 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.21 14:40:41 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.21 14:40:41 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.21 14:40:41 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.21 14:36:13 | 3138,428,928 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.19 00:38:36 | 000,039,904 | ---- | M] () -- C:\Windows\SysWow64\Media Player - Codec Pack Disc handler.exe
[2013.04.19 00:38:36 | 000,039,904 | ---- | M] () -- C:\Windows\SysWow64\dischandler.exe
[2013.04.16 12:40:36 | 004,012,544 | ---- | M] () -- C:\Windows\SysNative\ffmpeg.dll.new
[2013.04.16 12:40:36 | 004,012,544 | ---- | M] () -- C:\Windows\SysNative\ffmpeg.dll
[2013.04.16 12:39:26 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll.new
[2013.04.16 12:39:26 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2013.04.16 12:39:14 | 004,372,992 | ---- | M] () -- C:\Windows\SysNative\ffdshow.ax.new
[2013.04.16 12:39:14 | 004,372,992 | ---- | M] () -- C:\Windows\SysNative\ffdshow.ax
[2013.04.16 12:38:32 | 000,474,624 | ---- | M] () -- C:\Windows\SysNative\ff_kernelDeint.dll.new
[2013.04.16 12:38:32 | 000,474,624 | ---- | M] () -- C:\Windows\SysNative\ff_kernelDeint.dll
[2013.04.16 12:37:38 | 000,631,296 | ---- | M] () -- C:\Windows\SysNative\TomsMoComp_ff.dll.new
[2013.04.16 12:37:38 | 000,631,296 | ---- | M] () -- C:\Windows\SysNative\TomsMoComp_ff.dll
[2013.04.16 12:37:36 | 000,114,688 | ---- | M] () -- C:\Windows\SysNative\ff_wmv9.dll.new
[2013.04.16 12:37:36 | 000,114,688 | ---- | M] () -- C:\Windows\SysNative\ff_wmv9.dll
[2013.04.16 12:37:32 | 000,183,296 | ---- | M] () -- C:\Windows\SysNative\ff_unrar.dll.new
[2013.04.16 12:37:32 | 000,183,296 | ---- | M] () -- C:\Windows\SysNative\ff_unrar.dll
[2013.04.16 12:37:30 | 000,156,672 | ---- | M] () -- C:\Windows\SysNative\ff_libmad.dll.new
[2013.04.16 12:37:30 | 000,156,672 | ---- | M] () -- C:\Windows\SysNative\ff_libmad.dll
[2013.04.16 12:37:28 | 001,532,928 | ---- | M] () -- C:\Windows\SysNative\ff_samplerate.dll.new
[2013.04.16 12:37:28 | 001,532,928 | ---- | M] () -- C:\Windows\SysNative\ff_samplerate.dll
[2013.04.16 12:37:28 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\ff_libdts.dll.new
[2013.04.16 12:37:28 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\ff_libdts.dll
[2013.04.16 12:37:24 | 000,190,464 | ---- | M] () -- C:\Windows\SysNative\libmpeg2_ff.dll.new
[2013.04.16 12:37:24 | 000,190,464 | ---- | M] () -- C:\Windows\SysNative\libmpeg2_ff.dll
[2013.04.16 12:37:24 | 000,116,224 | ---- | M] () -- C:\Windows\SysNative\ff_liba52.dll.new
[2013.04.16 12:37:24 | 000,116,224 | ---- | M] () -- C:\Windows\SysNative\ff_liba52.dll
[2013.04.16 12:35:04 | 003,915,776 | ---- | M] () -- C:\Windows\SysWow64\ffmpeg.dll.new
[2013.04.16 12:35:04 | 003,915,776 | ---- | M] () -- C:\Windows\SysWow64\ffmpeg.dll
[2013.04.16 12:33:50 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll.new
[2013.04.16 12:33:50 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.04.16 12:33:32 | 003,501,568 | ---- | M] () -- C:\Windows\SysWow64\ffdshow.ax.new
[2013.04.16 12:33:32 | 003,501,568 | ---- | M] () -- C:\Windows\SysWow64\ffdshow.ax
[2013.04.16 12:32:28 | 000,157,184 | ---- | M] () -- C:\Windows\SysWow64\ff_unrar.dll.new
[2013.04.16 12:32:28 | 000,157,184 | ---- | M] () -- C:\Windows\SysWow64\ff_unrar.dll
[2013.04.16 12:32:24 | 000,271,360 | ---- | M] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll.new
[2013.04.16 12:32:24 | 000,271,360 | ---- | M] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2013.04.16 12:32:18 | 000,099,840 | ---- | M] () -- C:\Windows\SysWow64\ff_wmv9.dll.new
[2013.04.16 12:32:18 | 000,099,840 | ---- | M] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2013.04.16 12:32:16 | 000,211,968 | ---- | M] () -- C:\Windows\SysWow64\ff_libdts.dll.new
[2013.04.16 12:32:16 | 000,211,968 | ---- | M] () -- C:\Windows\SysWow64\ff_libdts.dll
[2013.04.16 12:32:16 | 000,147,456 | ---- | M] () -- C:\Windows\SysWow64\ff_libmad.dll.new
[2013.04.16 12:32:16 | 000,147,456 | ---- | M] () -- C:\Windows\SysWow64\ff_libmad.dll
[2013.04.16 12:32:14 | 001,525,760 | ---- | M] () -- C:\Windows\SysWow64\ff_samplerate.dll.new
[2013.04.16 12:32:14 | 001,525,760 | ---- | M] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2013.04.16 12:32:14 | 000,114,688 | ---- | M] () -- C:\Windows\SysWow64\ff_liba52.dll.new
[2013.04.16 12:32:14 | 000,114,688 | ---- | M] () -- C:\Windows\SysWow64\ff_liba52.dll
[2013.04.16 12:32:10 | 000,136,704 | ---- | M] () -- C:\Windows\SysWow64\libmpeg2_ff.dll.new
[2013.04.16 12:32:10 | 000,136,704 | ---- | M] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2013.04.15 22:02:19 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
[2013.04.15 16:00:39 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.04.15 16:00:39 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.04.14 21:05:52 | 182,522,087 | ---- | M] () -- C:\Users\ms\Desktop\LINTELOO_Brochure_2012.pdf
[2013.04.14 03:04:54 | 005,499,558 | ---- | M] () -- C:\Users\ms\Desktop\FUSION_DE.pdf
[2013.04.13 14:24:54 | 001,515,520 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax.new
[2013.04.13 14:24:54 | 001,515,520 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax
[2013.04.13 14:24:40 | 000,509,952 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax.new
[2013.04.13 14:24:40 | 000,509,952 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax
[2013.04.13 14:24:36 | 000,272,384 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax.new
[2013.04.13 14:24:36 | 000,272,384 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax
[2013.04.13 14:24:16 | 000,421,600 | ---- | M] () -- C:\Windows\SysNative\swscale-lav-2.dll
[2013.04.13 14:24:14 | 007,977,200 | ---- | M] () -- C:\Windows\SysNative\avcodec-lav-55.dll
[2013.04.13 14:24:14 | 001,245,920 | ---- | M] () -- C:\Windows\SysNative\avformat-lav-55.dll
[2013.04.13 14:24:14 | 000,289,008 | ---- | M] () -- C:\Windows\SysNative\avutil-lav-52.dll
[2013.04.13 14:24:14 | 000,202,648 | ---- | M] () -- C:\Windows\SysNative\avfilter-lav-3.dll
[2013.04.13 14:24:14 | 000,194,016 | ---- | M] () -- C:\Windows\SysNative\avresample-lav-1.dll
[2013.04.13 14:23:50 | 007,788,672 | ---- | M] () -- C:\Windows\SysWow64\avcodec-lav-55.dll
[2013.04.13 14:23:50 | 001,300,152 | ---- | M] () -- C:\Windows\SysWow64\avformat-lav-55.dll
[2013.04.13 14:23:50 | 001,185,456 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax.new
[2013.04.13 14:23:50 | 001,185,456 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax
[2013.04.13 14:23:50 | 000,424,624 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax.new
[2013.04.13 14:23:50 | 000,424,624 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax
[2013.04.13 14:23:50 | 000,400,592 | ---- | M] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2013.04.13 14:23:50 | 000,272,192 | ---- | M] () -- C:\Windows\SysWow64\avutil-lav-52.dll
[2013.04.13 14:23:50 | 000,244,400 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax.new
[2013.04.13 14:23:50 | 000,244,400 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax
[2013.04.13 14:23:50 | 000,194,632 | ---- | M] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2013.04.13 14:23:50 | 000,172,728 | ---- | M] () -- C:\Windows\SysWow64\avresample-lav-1.dll
[2013.04.12 17:57:18 | 000,549,804 | ---- | M] () -- C:\Users\ms\Desktop\sw-broschüre_2011-9_web.pdf
[2013.04.10 15:44:51 | 000,098,169 | ---- | M] () -- C:\Users\ms\Desktop\SchlKorr.pdf
[2013.04.10 13:12:30 | 000,445,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.05 03:02:47 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.05 03:02:45 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.03 19:22:30 | 000,000,770 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk
[2013.04.02 03:58:36 | 000,001,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
[2013.03.28 16:40:52 | 000,531,573 | ---- | M] () -- C:\Users\ms\Desktop\ThienelFehlerkalküldieI.xps
[2013.03.28 16:39:26 | 000,314,751 | ---- | M] () -- C:\Users\ms\Desktop\KolonovitsFehlerkalkül.xps
[2013.03.28 16:36:08 | 000,305,899 | ---- | M] () -- C:\Users\ms\Desktop\MayerFehlerkalkül.xps
[2013.03.28 16:34:34 | 000,241,232 | ---- | M] () -- C:\Users\ms\Desktop\ThienelFehlerkalkül.xps
[2013.03.27 20:27:51 | 000,002,851 | ---- | M] () -- C:\Users\ms\Desktop\Scannen BITTE.PNG
[2013.03.27 17:36:06 | 000,096,149 | ---- | M] () -- C:\Users\ms\Desktop\Kelsens Fehlerkalkül-Theory.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.21 19:59:44 | 000,000,000 | ---- | C] () -- C:\Users\ms\defogger_reenable
[2013.04.21 19:59:15 | 000,050,477 | ---- | C] () -- C:\Users\ms\Desktop\Defogger.exe
[2013.04.19 00:38:36 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\Media Player - Codec Pack Disc handler.exe
[2013.04.19 00:38:36 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2013.04.16 12:40:36 | 004,012,544 | ---- | C] () -- C:\Windows\SysNative\ffmpeg.dll.new
[2013.04.16 12:40:36 | 004,012,544 | ---- | C] () -- C:\Windows\SysNative\ffmpeg.dll
[2013.04.16 12:39:26 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll.new
[2013.04.16 12:39:26 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2013.04.16 12:39:14 | 004,372,992 | ---- | C] () -- C:\Windows\SysNative\ffdshow.ax.new
[2013.04.16 12:39:14 | 004,372,992 | ---- | C] () -- C:\Windows\SysNative\ffdshow.ax
[2013.04.16 12:38:32 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\ff_kernelDeint.dll.new
[2013.04.16 12:38:32 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\ff_kernelDeint.dll
[2013.04.16 12:37:38 | 000,631,296 | ---- | C] () -- C:\Windows\SysNative\TomsMoComp_ff.dll.new
[2013.04.16 12:37:38 | 000,631,296 | ---- | C] () -- C:\Windows\SysNative\TomsMoComp_ff.dll
[2013.04.16 12:37:36 | 000,114,688 | ---- | C] () -- C:\Windows\SysNative\ff_wmv9.dll.new
[2013.04.16 12:37:36 | 000,114,688 | ---- | C] () -- C:\Windows\SysNative\ff_wmv9.dll
[2013.04.16 12:37:32 | 000,183,296 | ---- | C] () -- C:\Windows\SysNative\ff_unrar.dll.new
[2013.04.16 12:37:32 | 000,183,296 | ---- | C] () -- C:\Windows\SysNative\ff_unrar.dll
[2013.04.16 12:37:30 | 000,156,672 | ---- | C] () -- C:\Windows\SysNative\ff_libmad.dll.new
[2013.04.16 12:37:30 | 000,156,672 | ---- | C] () -- C:\Windows\SysNative\ff_libmad.dll
[2013.04.16 12:37:28 | 001,532,928 | ---- | C] () -- C:\Windows\SysNative\ff_samplerate.dll.new
[2013.04.16 12:37:28 | 001,532,928 | ---- | C] () -- C:\Windows\SysNative\ff_samplerate.dll
[2013.04.16 12:37:28 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\ff_libdts.dll.new
[2013.04.16 12:37:28 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\ff_libdts.dll
[2013.04.16 12:37:24 | 000,190,464 | ---- | C] () -- C:\Windows\SysNative\libmpeg2_ff.dll.new
[2013.04.16 12:37:24 | 000,190,464 | ---- | C] () -- C:\Windows\SysNative\libmpeg2_ff.dll
[2013.04.16 12:37:24 | 000,116,224 | ---- | C] () -- C:\Windows\SysNative\ff_liba52.dll.new
[2013.04.16 12:37:24 | 000,116,224 | ---- | C] () -- C:\Windows\SysNative\ff_liba52.dll
[2013.04.16 12:35:04 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll.new
[2013.04.16 12:35:04 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2013.04.16 12:33:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.new
[2013.04.16 12:33:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.04.16 12:33:32 | 003,501,568 | ---- | C] () -- C:\Windows\SysWow64\ffdshow.ax.new
[2013.04.16 12:33:32 | 003,501,568 | ---- | C] () -- C:\Windows\SysWow64\ffdshow.ax
[2013.04.16 12:32:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll.new
[2013.04.16 12:32:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2013.04.16 12:32:24 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll.new
[2013.04.16 12:32:24 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2013.04.16 12:32:18 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll.new
[2013.04.16 12:32:18 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2013.04.16 12:32:16 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll.new
[2013.04.16 12:32:16 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2013.04.16 12:32:16 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll.new
[2013.04.16 12:32:16 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2013.04.16 12:32:14 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll.new
[2013.04.16 12:32:14 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2013.04.16 12:32:14 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll.new
[2013.04.16 12:32:14 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2013.04.16 12:32:10 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll.new
[2013.04.16 12:32:10 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2013.04.15 22:02:19 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
[2013.04.15 15:28:59 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.04.15 15:28:59 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.04.14 21:05:51 | 182,522,087 | ---- | C] () -- C:\Users\ms\Desktop\LINTELOO_Brochure_2012.pdf
[2013.04.14 03:04:45 | 005,499,558 | ---- | C] () -- C:\Users\ms\Desktop\FUSION_DE.pdf
[2013.04.13 14:24:16 | 000,421,600 | ---- | C] () -- C:\Windows\SysNative\swscale-lav-2.dll
[2013.04.13 14:24:14 | 007,977,200 | ---- | C] () -- C:\Windows\SysNative\avcodec-lav-55.dll
[2013.04.13 14:24:14 | 001,245,920 | ---- | C] () -- C:\Windows\SysNative\avformat-lav-55.dll
[2013.04.13 14:24:14 | 000,289,008 | ---- | C] () -- C:\Windows\SysNative\avutil-lav-52.dll
[2013.04.13 14:24:14 | 000,202,648 | ---- | C] () -- C:\Windows\SysNative\avfilter-lav-3.dll
[2013.04.13 14:24:14 | 000,194,016 | ---- | C] () -- C:\Windows\SysNative\avresample-lav-1.dll
[2013.04.13 14:23:50 | 007,788,672 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-55.dll
[2013.04.13 14:23:50 | 001,300,152 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-55.dll
[2013.04.13 14:23:50 | 000,400,592 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2013.04.13 14:23:50 | 000,272,192 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll
[2013.04.13 14:23:50 | 000,194,632 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2013.04.13 14:23:50 | 000,172,728 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll
[2013.04.12 17:57:15 | 000,549,804 | ---- | C] () -- C:\Users\ms\Desktop\sw-broschüre_2011-9_web.pdf
[2013.04.10 15:44:49 | 000,098,169 | ---- | C] () -- C:\Users\ms\Desktop\Korr.pdf
[2013.04.05 03:02:47 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.05 03:02:45 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.02 03:58:40 | 000,001,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
[2013.04.02 03:58:36 | 000,001,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
[2013.03.28 16:40:44 | 000,531,573 | ---- | C] () -- C:\Users\ms\Desktop\ThienelFehlerkalküldieI.xps
[2013.03.28 16:39:20 | 000,314,751 | ---- | C] () -- C:\Users\ms\Desktop\KolonovitsFehlerkalkül.xps
[2013.03.28 16:36:02 | 000,305,899 | ---- | C] () -- C:\Users\ms\Desktop\MayerFehlerkalkül.xps
[2013.03.28 16:34:30 | 000,241,232 | ---- | C] () -- C:\Users\ms\Desktop\ThienelFehlerkalkül.xps
[2013.03.27 20:27:51 | 000,002,851 | ---- | C] () -- C:\Users\ms\Desktop\Scannen BITTE.PNG
[2013.03.27 17:36:06 | 000,096,149 | ---- | C] () -- C:\Users\ms\Desktop\Kelsens Fehlerkalkül-Theory.pdf
[2012.12.19 23:52:54 | 000,000,581 | ---- | C] () -- C:\Users\ms\AppData\Local\cookies.ini
[2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini.new
[2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini
[2012.04.21 02:53:10 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.04.21 00:54:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.21 00:47:47 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.03.20 03:15:26 | 013,184,512 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.03.20 03:15:26 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.20 03:15:26 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.03.20 03:15:26 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.20 03:15:26 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.20 03:15:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.03.20 03:15:26 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.20 03:15:26 | 000,056,476 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2012.03.20 03:15:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
[2012.03.20 03:15:25 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.02.03 17:05:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.02.03 17:05:40 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll.new
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll.new
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll.new
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll.new
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll.new
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe.new
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll.new
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe.new
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe.new
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll.new
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll.new
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011.06.24 05:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll.new
[2011.06.24 05:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.06.24 05:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll.new
[2011.06.24 05:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.03.08 16:58:29 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\calibre
[2012.12.20 00:55:23 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\Canneverbe Limited
[2013.02.06 19:01:34 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\com.essexreddevelopment.mergepdfmac
[2012.09.05 19:44:12 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\iolo
[2013.04.04 22:41:11 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\RavensburgerTipToi
[2012.09.05 10:11:15 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\Sony
[2012.09.06 22:04:55 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >
         

3. GMER

Dabei hatte ich folgendes Problem: die Dateien C:/windows/system32/config/system und C:/users/ms/ntuser.dd konnten nicht geprüft werden, da "der Prozess nicht auf die Datei zugreift, da sie von einem anderen Prozess verwendet wird. Ich habe aber anordnungsgemäß alle Anwendungen vor dem Scan beendet.

Die Logdatei lautet:

Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-21 20:31:19
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE3O 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\MSC~1\AppData\Local\Temp\fwldqpob.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files\Sony\VAIO Care\listener.exe[7888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69    0000000075dc1465 2 bytes [DC, 75]
.text   C:\Program Files\Sony\VAIO Care\listener.exe[7888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155   0000000075dc14bb 2 bytes [DC, 75]
.text   ...                                                                                                           * 2
.text   C:\Users\msl\Desktop\gmer_2.1.19163.exe[6960] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075dc1465 2 bytes [DC, 75]
.text   C:\Users\ms\Desktop\gmer_2.1.19163.exe[6960] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000075dc14bb 2 bytes [DC, 75]
.text   ...                                                                                                           * 2

---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\spoolsv.exe [1648:3868]                                                                   000007fef63910c8
Thread  C:\Windows\System32\spoolsv.exe [1648:3872]                                                                   000007fef6196144
Thread  C:\Windows\System32\spoolsv.exe [1648:3876]                                                                   000007fef6145fd0
Thread  C:\Windows\System32\spoolsv.exe [1648:3880]                                                                   000007fef62c3438
Thread  C:\Windows\System32\spoolsv.exe [1648:3884]                                                                   000007fef61463ec
Thread  C:\Windows\System32\spoolsv.exe [1648:3892]                                                                   000007fef6385e5c
Thread  C:\Windows\System32\spoolsv.exe [1648:3896]                                                                   000007fef61c5074
Thread  C:\Windows\system32\wbem\wmiprvse.exe [3292:3400]                                                             0000000074881dbc
Thread  C:\Windows\system32\taskhost.exe [3348:2168]                                                                  000007fef5842740
Thread  C:\Windows\system32\taskhost.exe [3348:2272]                                                                  000007fef9eb1f38
Thread  C:\Windows\system32\taskhost.exe [3348:3504]                                                                  000007fefaf71010
Thread  C:\Windows\system32\taskhost.exe [3348:4748]                                                                  000007fef5ec5170

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                         unknown MBR code

---- EOF - GMER 2.1 ----
         
[/code]

Mir sagen die Scanergebnisse ja leider nichts, mir ist nur bei der OTL-Logdatei aufgefallen, dass auch "searchnu" vorkommt. Searchnu hab ich ja im Februar - wie ich glaubte erfolgreich - bekämpft.

Kann mir jemand helfen und sagen, ob ich irgendwelche Schritte ergreifen muss?

Vielen herzlichen Dank im Voraus!
MS.

Alt 24.04.2013, 12:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Hallo,

JRT und adwCleaner sollten das eigentlich wieder packen, bitte beide Tools neu runterladen vorher

JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________

__________________

Alt 24.04.2013, 17:25   #3
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Hallo cosinus,

vielen herzlichen Dank dafür, dass du mir wieder hilfst!

Hier die Logdateien (in zwei Posts, weil sonst zu lange):

1. JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.9 (04.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by ms on 24.04.2013 at 16:25:33,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] application updater 
Successfully deleted: [Service] application updater 



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchsettings



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\search settings



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\ms\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Program Files (x86)\application updater"
Failed to delete: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0198D913-E9DC-4D53-8786-40424BBAC35D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{039D9A9F-7B7B-4237-87F7-8C94FADDCE7C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0422DE62-8AE9-4629-B67F-C20C4109DFFE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{05BAFAAC-D85F-431A-AABF-F809FBA6C6C1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0611A9AA-E6D2-4EA7-B54E-A6267DA739C8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{06414E75-5AF5-4F5C-9EF2-347DC59A667E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{084B5109-3D1A-4112-B520-F58182F0D6F1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{087F8ACA-3A3E-4E28-BA40-F642D1EBB32E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{094EF4A8-4580-43CE-94CA-2F94AB414519}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{09A90465-E400-4B39-9B8E-97C35A5DDAE5}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0A15E939-6AED-426D-B459-FD67A0B58208}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0CE71BCE-B8A6-4EF1-BCF3-1721F10CD4B2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0CF87F14-7160-46EB-9EC6-02CC8C094E77}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0E132C0B-61C6-41A5-83F5-398DE9E1F9A4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0E883D71-4F61-4C5C-96E3-687231031EA9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0EDE1655-81F5-4833-A1CC-77B14746F18E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0F82E136-0D30-4819-8FDE-F28F870831B2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0FA747D8-490E-4690-BA4A-F27AD72EDAF1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0FDAFE67-91B9-4AA4-9D3C-6975CA43D219}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{10703A8E-20A6-43DD-9BB9-99CC359434DC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1073B1D7-6E3F-4D44-B236-243056C6C24E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{10E18410-E7AF-46AB-8C2D-00DC7951A235}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{10F0A154-01BB-4171-946E-35A970F40F73}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{11CB20F4-7DFC-4090-9E52-B898AD6FBF61}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{12DF7C96-28BF-4CAB-8681-E255030708A0}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{14105D33-2225-41B5-B6C8-907251E81995}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{155AA191-4DE3-4ADC-9035-E1C02DB4BCE5}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{15CA877D-B7D6-4EEC-AD51-B47313814941}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{16882CA1-1F39-44CD-ADE3-0C31B55F70BC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{17C06D60-053F-4C51-BA46-54B6C3B90FC4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{19C2902E-9EE1-47CF-893C-D6F5D9E22292}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{19F035A7-5651-471C-939B-51361E0D5059}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1A756778-B15B-4DCB-BF2F-5C2CD5276138}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1A7B6E8E-8393-4C4D-AD7D-E6C7AC429536}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1A9F1366-60B7-47B0-84CB-98A9467F60D6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1AB79264-62A1-43D8-9870-5E252DBDE2E2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1B739E34-9732-4498-A85B-82352FF00065}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1C1687E3-46E3-4377-B2EE-97B35031D8DF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1CE80F74-A1B3-4F17-8647-BBCB397ECC1B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1DBD5BC5-B02E-4F48-A505-9452FCC02218}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1F43F77E-51D0-4704-A619-AA0955DDDA86}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1F816B61-96DD-4F33-B54A-E2C0C5A4664A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1FEA442E-EB25-48F0-AAC9-70B55A8A4C04}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2246EEC0-CA7A-4533-A76C-081C4380AC9A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2270CE68-D24C-4293-ADB9-24DD07384F08}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{233D26DE-94A3-4FE5-90EB-A77E5400CAEE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2369C75F-BD59-48AD-B359-DFCC8DD97F45}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{236C0FD9-16A8-4692-956A-89A8399C35C8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{23A0696E-C2F9-4181-B4F4-EDF92B8A1F3C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{243F5779-A463-4DB9-AEE0-AA865340F3A2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2681D495-9C11-4796-9FA0-A6D984D03895}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{270A7466-5244-42A5-A9C9-B4945C649CBB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{29300769-C13E-4C07-9466-C4F253652F0F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{299D3ADB-B1C6-455D-BD7F-4AA681031B59}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2A2B282D-9321-4FD6-8960-9E2012A078FB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2A3D06C4-A9F7-487B-975C-C580C084F285}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2A7CC5B8-E970-4BCA-AB50-F6EA5884D4AA}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2BA8C2AE-6160-4266-B756-F076EADCBABE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2D93D997-D69A-4A4E-870E-EAF992955164}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2F3A64DC-B29D-45DA-BDD4-E68734395C4E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{30194487-8847-4B59-9E3F-C7F73260045C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{308EC441-63B8-4156-ADEB-D5C96F1A3B4E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{309AE3F8-5EC4-477C-8758-92273BF3B976}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3335BB8A-8106-459C-A551-E97DF0E99330}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{343BA6B0-8797-48C4-9318-486A8BE13B17}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{348B0330-8E41-4F7A-AA26-DE3DE4DDB29B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{34A99710-9DCA-4CBF-94CE-DBCF0A16EEA3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{355F7943-1896-480C-820A-220882713CCF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3647FD93-2218-416F-BF91-A58AF8C8E318}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{369623D4-8ADA-4A08-95F9-F77B748C0924}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{380D5CEB-9DC5-48B8-B854-A7AD7BEBF04D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{38B72B5E-6EB7-43C6-9FBE-E9E585E85918}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3A1E7247-C687-441C-9F8B-32B8163B7409}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3B21A904-10C6-438F-AB7F-45FA82B369A2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3DFA41DC-8920-402D-A6AF-2D061C54650E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3F0BAE25-7B96-4CF6-BC2A-D36BE337DC9D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3F3BF641-9A4D-4DAB-B9D4-13EECC05AAE9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3FD2F982-6809-4781-95F1-66099709DBC1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{417757DE-783C-450B-972F-0EC0BD16B48C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{41F4EB2D-372B-4BAE-9F0A-48FC735E4096}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{42B87574-D1B0-4F4A-A588-6101CD5E1D17}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{43EF3EF2-1B95-4C9D-981A-C08ED746468A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{453E7B29-F69D-4030-B6D4-57C31F7189E9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{45522ACF-482E-44A0-8916-25038B009F81}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{458BE287-CE4F-47F9-B00B-46621FB70870}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{46262ECD-7E13-4FCE-834F-3558AF360D09}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4635EDD7-C85E-4B6F-A5FF-7D197C93B91D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4657C9A5-23DC-4129-B5EF-DFA5B10607D5}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4688BB92-6B7A-4907-A16C-D50495D2883A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4745B5BB-9A31-4AAB-B025-6DCA793C7884}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{47E750F3-F489-4F91-9714-BA1B0C976B01}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{49E0F17E-E431-4FF0-BFF7-954A5E0DE62D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4B5D4C44-6448-45BC-AE01-7D74722E8662}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4B70AFE9-B49E-4CF3-8813-7B3E4B03735D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4C25909E-056B-4F06-8F69-2B4F96FDA526}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4CB957D8-55F6-4B2D-B1E3-9C3DEE7E1E68}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4D710213-BDDD-4E64-813F-0735DACCF381}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4D912A08-C9EF-4574-82B7-E21216DD0A13}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4DAF4DC3-B567-4DD8-9DE8-D59A9D16F839}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4E6450D6-3260-4604-9B24-8FCDEBA0A31D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4EC8599E-1492-4DAB-82D3-C80D9D7A251D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{50610ADE-C38B-4830-B242-90EDCD3E1E90}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{52620036-0ABC-4132-88B9-6616B19A00D8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{53864076-523D-453B-810C-DF6DA195AD63}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{54147F05-2BDA-4665-A7E9-899032076EEB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{54C1E2D4-D539-43B1-9C20-96AAE3BEC01F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{556AA37E-6689-438B-B371-7C76499DB7A6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{55C08DA8-7BB0-4330-8403-29ACE1D424B4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{567BAD34-219B-40D9-8968-5E1FE40139CA}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{56AD2FA0-04D3-4926-873B-8206F9971E9C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{56F96588-C09D-4A5E-B13F-2CD9E84E97FF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{56F9850B-DF9D-4470-86EE-E93C5B5990A6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{571FEFAA-A762-45B3-9C46-0DDAFF38949A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{575290F0-2C27-4F2F-B532-6394BA6F2FD6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{57654A19-F9EF-4C0F-B7F0-4D1D4AD8989C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{585F8DBA-0944-4BD9-8A33-37ADA361A508}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{58A687F7-3F53-4763-9E77-3683C5734450}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{593B463C-4853-4113-9D89-F5EF33D22DB8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5A738688-B5E6-471E-974F-54DDFA44A471}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5B351CC4-4813-492B-8032-5844B2E02DBD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5BA430F8-DECC-4252-BB66-1916B01D6A7D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5C51C582-325D-4E5D-A487-2397EE56027B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5CFBA980-FE38-4559-9187-F86729BFEB8C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5D0783F4-1411-45D6-B850-657F5AED062C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5ECC7ECD-A7CA-424A-8AC1-433C4A27B775}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5EE10DD4-7DBF-4760-A81A-7F1020BBA41B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{60E6538B-8665-4B61-99A2-AFC63FD22A30}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6106E0C9-8172-45B8-BB6D-1A41CC5374EE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{61488230-0C81-498E-9709-A5443E6F8154}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{61E014B7-9420-482E-A49B-B2FCA9A6C0CF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6251EE27-0546-49F9-B595-11123F0F2C19}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{643D476A-2603-4630-8A89-A4047578BC2A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{643EB6D2-4B3C-43EB-8543-102B5825717E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{646062CE-0F74-4999-8581-53EEB08A08C3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{64E8A3F9-3430-4A5F-8642-6874BEE982D2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{66C7E1A3-6CCF-4731-91D9-2BC75C649620}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6865926E-6D76-4CA4-90E0-CF38B6140DF8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{68F601CC-6F91-4099-84EC-E24460E42F6F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{68F6A860-43DD-4C1D-B3D5-CB2770745DB1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{69B3A8B4-EC23-4A92-ABAB-50723BF52154}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{69F4E5DD-4A64-488E-BA10-6C835EC109FD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6A6E9EDF-423A-40D7-9217-ACE8BE1C7038}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6BEB655A-1CBA-4525-B30B-5BFD4AAD9D24}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6D3B37B7-6552-42D5-81DA-544986A69077}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6DEE87C7-B460-475D-B151-5747E22DBDDD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6E323C4A-D4FE-4B79-A019-67EE2B4C20FE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6E980987-7FD6-4D45-A165-F7DB213957B9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6E9F3155-34DC-4799-9E14-10F5251AD431}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6F13C054-6BD7-4E6C-8842-76AECEC3ED58}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6FCC3B59-2EBE-45B4-B653-B7CD71A3CD74}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{70C221EC-1BBB-4CC0-A7EB-FACE8EAF57E2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{721818C7-AF9C-415B-9452-F90D31CAB360}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{721E0DE7-4E4F-4034-91A5-DFD1363253CB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{72DB0DC9-AF28-4DAC-AFE7-D0651D7682CD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{73A709E1-7241-4FF9-B88B-5A9623FBF7C6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{744BC8B4-E9D5-43B3-8819-4797CDEE67BC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{74DD3473-708B-498B-BE97-70EEC98C70E1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{74F4AF4A-D48C-4BAD-9240-5D27BE58DA58}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{75B65375-3266-4CA4-843A-CFA76D192BC7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7607D7C9-56DD-47D7-A6D8-4525AA7899EA}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{761EE486-BA54-4E19-B0CA-AC8879DA38F3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{777F83ED-A870-4669-A337-A16008A240E7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{77A23CB1-BFE0-4783-A520-C87CF759CE8B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{794323EC-E37A-4C9F-A11D-DD29A55FFE2E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7945B090-CCED-4F49-A81A-096A2EFD37B4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{798A93ED-389B-4B0A-8188-D7572309B131}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7A92C333-036F-43C9-AA8C-385B6409AD86}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7BE47371-B19E-4F6A-8389-54AC07D6A557}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7C50B6BD-DEF3-4B83-9DE4-40BC7684F30E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7D057D74-4FF6-454B-A1F8-FF891246D644}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7E667C96-F442-434E-9CC9-4D6E6395A355}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7E8271A0-E8FB-4EE7-A8C2-DEEC750AEF57}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7EF16127-9E6B-4AE9-A3C0-C514C3044C7A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7F8DC289-0730-45D2-8908-540C88F68908}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7FB15CE2-BBAA-4944-AD56-81E5E6115D67}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{80902CDE-557E-4B47-80C7-F4E94F05D3B8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{829093C5-BFDD-4AF5-AA76-BA3D67CDAFA4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{82BDA925-FD7B-4F7D-91E1-0E81E071B9FC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{84F1CB72-1C60-4441-BD10-B2003F3017CF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8540EB9A-7178-402E-82A2-C43A3DFD1C1A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{85A0724F-788F-4EA5-BA8A-0C78241CB6C2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{860DE5D2-00CF-4D04-A080-17FDC29EE8D7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8691EB08-BB93-48CE-9348-35BDD932DE7E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{86CECA9F-4B71-47F8-9AA6-FC1FCD7A2204}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{871B6E1A-1161-4583-AD7E-632D8AFA2464}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{87CCF9FD-A000-4D51-AA9E-40CB9C7FA3DE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{87E6E342-D7A5-4375-B29B-072F1211AD8E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8850A970-F63A-4E69-BC7E-53D4C8B416A3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8AD24DF9-3C47-453D-B3C3-E460368734EF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8B98EC1C-8700-4C14-98D1-4C81B276D23F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8B9B1632-A84D-4E48-8009-C4F8D7FE2BAE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8CBD1B59-5B44-49AC-BD74-12E9B2B56EBC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8EAE55E2-8308-4792-A235-2189452F315B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8EF4516B-29C7-405E-9F6E-C9D8FC7E53C6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8F80D12A-FD6D-4D74-BB1A-1AA5B49458C0}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8FEC792B-0559-42C2-98F9-1F0E2F13F0DE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9064B4FD-4824-45FC-A79B-61C1E6C23747}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{90897553-729B-4C37-BAD0-141EC3E0143B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{90D31AFF-9E19-45AC-A336-FEEADCF64F48}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9144917B-A855-4B60-8BDB-97D2568E9614}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{92B5EA1D-9073-4D06-AA68-2D2C5292CB0B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{92B7B8C5-C974-4943-9A8C-108B8989400C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{93950EA7-A069-4D24-B56D-6B87CD568FAF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{96141613-E934-439D-A423-117730863576}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9695918B-E523-4278-834A-E43D6DBCC0CF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{96CD6F34-65CE-4188-B504-BBE3784B551F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9862D466-E276-4E01-810E-BCB464182FEF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{998AAA29-6EB4-45CA-A8CB-72F2FFAA5979}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{99F0A1B1-2412-4E61-B6B9-7A2A68310F63}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9A5C106A-7D03-4C27-892D-BE38E394F443}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9A6B2AB6-4501-43F0-8524-F098028220A4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9B2B1893-690B-4A1B-A1F6-6396DE18A72F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9B415C8E-062B-400F-B118-8DE2C4236C7C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9B5A3025-7BB4-46EC-92E1-1AAF01EA72EB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9B88787A-9E62-4CD0-9E9D-2B0004B497F4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9C8E635F-8493-44D3-9DBB-FE1B9BF14663}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9DB86CFE-0DA4-48CB-AF0B-23BF75644C74}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9E0DD8E2-A33F-4DC4-9C0E-09C23160888B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9E65C2C8-0021-441D-8857-614A2B70BE66}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A00CC961-18B1-411F-8280-6DA50597649B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A0FB4E95-A9AC-49F6-8A7D-B250EA9A6B70}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A1312E56-9803-4FF0-85E4-CBA2820FA345}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A1D96A2D-2D86-494A-A871-232E38D007B8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A3970BFC-7248-46BE-A41C-42394F72D6DA}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A52F443F-0945-4D60-9ED7-42552450D02C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A605DDB6-2D03-4392-86ED-9EB5B2B6E5C8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A885DBD9-3340-4CD0-A8D0-18C7552EA533}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A8B263A3-AA78-41E9-A978-BD6D84602E51}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AAC08F90-568F-45FB-B92D-57F73F019959}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AB66DCEF-B17A-426E-B7D6-DC1611732D06}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AB6B85FF-3A71-4318-85F4-5B6B58108464}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{ACD2C858-87FE-4A8F-860A-ECA6D4DCBF71}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AD07962C-3BEC-4DAE-B2AF-846FC6ABD032}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AE5FD8F2-65C7-4020-9451-AE107D762808}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AF3D4C96-D115-4344-AEE2-CC67E47B344D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B09EAF4F-2976-423E-8A70-21934E9D6F9F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B0F5B19C-F3A6-4702-9597-73579A350171}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B1E73B66-D6B0-47A4-910F-1AD06E0E2330}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B1FDF897-78C8-42FD-B16D-36EB7F104AA9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B2B45D76-56C8-4AC0-AAE9-3D93214B2874}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B2D744EA-0A47-40A5-8C20-C5D935CCCCBB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B2E5BCFA-104A-49AD-8EF4-D7E6B6B3208D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B39AA8B6-AB56-4A6E-8B36-B7C53D6B81D6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B40D3C9F-4B2E-4E28-877D-EBDBA6508F61}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B4A5FCDF-EDC9-4561-99C9-CCB03839AF9C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B5237EAB-BFFF-492E-AF49-3BF51B1621E7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B526E8FA-7E20-4E30-8205-A10FC72D9660}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B5C5F40B-7561-4F94-A8F7-14E4D907DDC9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B5F6A9BD-566A-43F8-9B79-AF61F2B7437D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B79A9384-90B3-4AC6-B414-1AE26946A8FF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B83D0838-8248-424D-8B06-85F546269F0C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B9968B45-1486-4AF0-BC8B-A927A2FDA564}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BB2E506C-A67B-4D7C-AD45-2E3240CAE100}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BB3A9864-1C3A-492B-A6D0-09A6CE2DEB78}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BB8F364B-2858-487E-AE22-72E1A5D584BF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BC902370-4D3B-49E8-87DB-F122E4CDC81E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BC9B8998-C9B1-4C79-B644-32ABFFE43C34}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BEA702CF-9C3F-4B28-B6FC-76B310584FA6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C095A0A9-B49C-4674-8166-56C920A0CB2C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C21D0591-61AA-4E07-8315-F32567A4D985}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C2BB8D52-EF69-4B8E-9B52-C89253B1600A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C385DDBE-BD6D-4571-98A6-9322BA7CD9FB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C3AD283B-7803-4E6A-9248-D9A4D57241DF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C4D656E8-7BAA-4D79-8F64-8707E583B07B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C536DCAF-0DF2-473B-9C54-2C206556BE6A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C71A5DB3-EF10-49F1-B37B-FCA1AB086D7B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C73611F5-8418-4492-A6EA-A09F98493173}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C7808D20-B593-4EE3-9CCA-4195D9098E68}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C8B362C7-8A29-4F49-8FB8-AF98D8530772}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CA1A0A45-0D16-440A-AB24-7709B66A03B0}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CA852499-31B6-468C-BA3C-35F104311F81}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CAF9D96D-1AC0-499D-9E5F-B45082F956C2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CB7A9ED8-589E-4F26-A241-EAC5E532EBF0}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CC55E4D1-CFE6-46C4-BFB6-6B4438E95973}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CCAE7BB3-5C0F-449F-B99D-C81948A7BB77}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CD14E3CA-5E6B-4F26-8BEE-393CF9570610}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CDB4B7FB-8A9D-4984-82D7-2BE21E62FBC8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CF7294ED-17A3-4828-91FE-FF259E19DFA6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D0EBCE5A-3008-4277-88D7-5A2CFA9754A4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D143F178-306B-475E-BFBD-859A76571CAB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D1546233-A5AD-4EFE-8FFF-4BC20B883221}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D1670C02-99B1-4C3D-9D76-9BE83AE3F695}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D2BDE7B3-05A1-457D-8230-DBB6C398A9DC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D3760404-F6F5-46B9-B443-9F57C9631344}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D3D721FB-5EF2-4CE3-AF2D-FE3E25F6CBFE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D51E86F0-5186-468E-A311-79B8A234447E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D59B0369-64E2-4D5A-BEA7-BB4838A241F4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DA58993E-8EDB-454F-8C66-6CF20895084E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DACE2683-43DA-45BF-BC2C-C2AD53B669E3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DAD02B29-5AB8-4A51-B603-A5A0EB43D715}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DBD191C1-C07C-4FD3-BFA9-B79219442342}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DBF4CB2C-60DD-4C0B-8FBF-FA2C7C9EFEBE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DC08ABDC-AF80-49D3-80D1-30610570A4FB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DC98D6B7-D256-464B-B0A3-F952AA1F4363}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DD82EF7D-90BB-418C-A140-A9A866941749}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DDB42A3F-ECC1-4C96-B70A-5718D90C198A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E0463C6E-8186-43C9-BAEF-8809B2FFFAFE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E112E3AC-8722-485B-93C1-CDBBD169CA90}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E34B9074-C780-45A3-BBDB-E94D8175484D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E35933A4-1626-4A57-B96F-59BE3913DBC3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E5A025F6-D1B3-4123-8A4B-5D24B27965FD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E5B39437-7270-4BA6-92F0-B30D1874E61A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E7ED7B42-8DB6-405A-936A-1F21E2A4D08D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E8388610-8D7C-4FA0-A28C-0E96D7074F1C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EA0BF275-1BE8-4D62-AF65-7D84A4E9204F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EA6F66D8-2AF6-4508-B3EC-64020C7903AE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EB5A4FA7-FC5B-440D-A6E3-C0DFE8C11D57}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EB68A377-F632-4633-906B-F34BC215BCD1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EB8678CE-55EA-4A96-98F1-AA3ADDD1DBE8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EBC8F90F-BC7F-414A-A350-84460B1B76E4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{ECC18153-223E-4F8F-8259-89DBC0398A8C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EDF7E9CD-133E-4EF4-92E7-228D69C4B9D7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EEB5C2A4-FD3C-461E-B1E7-DF2809FC9D0E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EED8BA70-8138-4363-8757-D29435B2009C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EF252D3D-4F01-4A04-9909-9C7421D639A2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EF818E2B-AAF4-4124-864D-FC522A60955A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F113D162-80A5-4632-9347-402264A20D66}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F1200D5B-EB6C-45BF-8E7C-04DB36574B32}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F221CE94-1A83-457A-96E8-4C66D7A1249C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F26979EB-7A34-4972-BAF1-A661CA3696D5}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F277A191-3CCA-4CC5-BF2B-F4CEA3B23770}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F41B1416-E92E-403F-A24E-D6BC09A60C1A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F49EE57B-0A1F-493B-99BE-04AA7D2007C6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F4A94BA8-3AD5-48FC-BE2F-ED79CC1FE94E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F634E329-CEC8-4DE3-BD79-886677FA3549}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F66E72AF-A7BC-4B88-8FF7-196F82475EC3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F7678C03-E3D9-4FDC-8EA7-55420302131B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F900D242-1C0F-4124-93AA-1852B914C895}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FB9B7B56-0DD2-4A6C-98C7-89F1CAAE6D15}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FBB93FCD-24F5-402D-987A-D54551C3F049}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FBEFECE2-BFE6-41E6-855B-52D547EB97B2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FDCB6667-E597-48A8-994E-BA7EB46D5C05}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FE576015-FDDD-4B39-911E-268344BC11D6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FF1AA0FA-207B-49CA-B760-1B459C0512FE}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\jetpack
Emptied folder: C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\minidumps [117 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.04.2013 at 16:29:31,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
2. AdwCleaner

Code:
ATTFilter
# AdwCleaner v2.202 - Datei am 24/04/2013 um 16:57:37 erstellt
# Aktualisiert am 23/04/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : ms - BOERTA
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\ms\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\Common Files\spigot
Ordner Gelöscht : C:\Users\ms\AppData\Roaming\Mozilla\Firefox\Profiles\k6cyhvxy.default\jetpack

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\Search Settings
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\ms\AppData\Roaming\Mozilla\Firefox\Profiles\k6cyhvxy.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v26.0.1410.64

Datei : C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1402 octets] - [24/04/2013 16:57:37]

########## EOF - C:\AdwCleaner[S1].txt - [1462 octets] ##########
         

Fortsetzung folgt...

Hier der zweite Teil....


3. OLT

OLT.exe:

Code:
ATTFilter
OTL logfile created on: 24.04.2013 17:04:13 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ms\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 50,37% Memory free
7,79 Gb Paging File | 5,48 Gb Available in Paging File | 70,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,27 Gb Total Space | 364,12 Gb Free Space | 81,59% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BOERTA | User Name: ms | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ms\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
PRC - C:\Windows\SysWOW64\C2MP\TrayMenu.exe ()
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\SafeConnect\scManager.sys (Impulse Point, LLC)
PRC - C:\Program Files (x86)\SafeConnect\scClient.exe (Impulse Point, LLC)
PRC - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation)
PRC - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
MOD - C:\Windows\SysWOW64\C2MP\TrayMenu.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SCManager) -- C:\Program Files (x86)\SafeConnect\scManager.sys (Impulse Point, LLC)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV - (Sony SCSI Helper Service) -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (BTHSSecurityMgr) -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (AMPPALR3) -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor10.0) -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (rimssne) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (risdsnxc) -- C:\Windows\SysNative\drivers\risdsnxc64.sys (REDC)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.at/
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\..\URLSearchHook: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\..\SearchScopes\{10495EC9-E2A8-4A7B-BFB7-EC629A0B7492}: "URL" = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\..\SearchScopes\{9E29CBE5-5219-48EB-B28E-1F3B5F806E73}: "URL" = hxxp://rover.ebay.com/rover/1/5221-29898-16445-29/4?mpre=hxxp://shop.ebay.at/?oemInLn=ieSrch-Q212&_nkw={searchTerms}
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=888596"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://google.at"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=888596&p="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 15:34:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 15:34:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 15:34:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 15:34:06 | 000,000,000 | ---D | M]
 
[2013.03.05 02:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\Extensions
[2013.04.21 19:45:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\Firefox\Profiles\k6cyhvxy.default\extensions
[2013.04.12 15:46:41 | 000,783,286 | ---- | M] () (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\extensions\ext@sprng.me.xpi
[2013.04.15 15:22:47 | 000,215,824 | ---- | M] () (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\extensions\pinterest-addon@felixfung.ca.xpi
[2013.04.12 15:34:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 15:34:31 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.25 06:55:08 | 000,171,584 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2013.02.16 06:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.16 06:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.16 06:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 06:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 06:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 06:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.searchnu.com/406
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.searchnu.com/406
CHR - homepage: hxxp://search.yahoo.com?type=888596&fr=spigot-yhp-ch
CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe ()
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{031A699D-83FF-4904-B4E9-F5BF3A28E095}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{557CD5E5-D88D-44B9-B8A7-F81704059BAB}: DhcpNameServer = 10.100.58.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.24 16:23:21 | 000,535,764 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\ms\Desktop\JRT.exe
[2013.04.21 20:05:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ms\Desktop\OTL.exe
[2013.04.21 18:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchMe Toolbar
[2013.04.15 16:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.04.15 15:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2013.04.15 15:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2013.04.14 03:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.13 14:24:54 | 001,515,520 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax
[2013.04.13 14:24:48 | 000,364,720 | ---- | C] (Intel Corp.) -- C:\Windows\SysNative\IntelQuickSyncDecoder.dll
[2013.04.13 14:24:40 | 000,509,952 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax
[2013.04.13 14:24:36 | 000,272,384 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax
[2013.04.13 14:23:50 | 001,185,456 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax
[2013.04.13 14:23:50 | 000,424,624 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax
[2013.04.13 14:23:50 | 000,284,336 | ---- | C] (Intel Corp.) -- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll
[2013.04.13 14:23:50 | 000,244,400 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax
[2013.04.12 15:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.10 03:01:16 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 03:01:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 03:01:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.10 03:01:14 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.10 03:01:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.10 03:01:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.10 03:01:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.10 03:01:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.10 03:01:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.10 03:01:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.10 03:01:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.10 03:01:13 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 03:01:11 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 03:01:11 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 03:01:10 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 02:18:08 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.10 02:18:08 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.10 02:18:07 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.10 02:18:07 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.10 02:18:07 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.10 02:18:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.10 02:14:59 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 02:14:58 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 02:14:57 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 02:14:57 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 02:14:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 02:14:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.05 03:02:49 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.05 03:02:49 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.05 03:02:49 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.05 03:02:49 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.05 03:02:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.05 03:02:49 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.05 03:02:48 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.05 03:02:48 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.05 03:02:48 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.05 03:02:48 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.05 03:02:48 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.05 03:02:48 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.05 03:02:48 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.05 03:02:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.05 03:02:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.05 03:02:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.05 03:02:48 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.05 03:02:47 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.05 03:02:47 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.05 03:02:47 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.05 03:02:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.05 03:02:47 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.05 03:02:47 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.05 03:02:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.05 03:02:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.05 03:02:45 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.05 03:02:45 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.05 03:02:45 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.05 03:02:45 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.05 03:02:45 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.05 03:02:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.05 03:02:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.05 03:02:45 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.05 03:02:45 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.05 03:02:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.05 03:02:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.05 03:02:45 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.05 03:02:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.05 03:02:45 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.05 03:02:44 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.05 03:02:44 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.05 03:02:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.05 03:02:44 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.05 03:02:44 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.05 03:02:44 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.05 03:02:44 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.05 03:02:44 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.05 03:02:44 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.05 03:02:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.05 03:02:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.05 03:02:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.05 03:02:44 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.05 03:02:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.04 22:41:11 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Roaming\RavensburgerTipToi
[2013.04.02 03:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
[2013.04.02 03:57:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.24 17:07:19 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 17:07:19 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 17:06:52 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.24 17:06:52 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.24 17:06:52 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.24 17:06:52 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.24 17:06:52 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.24 16:59:46 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 16:59:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.24 16:59:28 | 3138,428,928 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.24 16:56:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 16:55:56 | 000,619,461 | ---- | M] () -- C:\Users\ms\Desktop\adwcleaner.exe
[2013.04.24 16:23:21 | 000,535,764 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\ms\Desktop\JRT.exe
[2013.04.24 16:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.23 21:29:29 | 001,516,251 | ---- | M] () -- C:\Users\ms\Desktop\AVG Original.pdf
[2013.04.22 18:56:52 | 1425,113,545 | ---- | M] () -- C:\Users\ms\Desktop\Game.of.Thrones.S03E04.720p.HDTV.x264-EVOLVE.mkv
[2013.04.21 20:22:05 | 000,377,856 | ---- | M] () -- C:\Users\ms\Desktop\gmer_2.1.19163.exe
[2013.04.21 20:05:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ms\Desktop\OTL.exe
[2013.04.21 19:59:44 | 000,000,000 | ---- | M] () -- C:\Users\ms\defogger_reenable
[2013.04.21 19:59:20 | 000,050,477 | ---- | M] () -- C:\Users\ms\Desktop\Defogger.exe
[2013.04.21 18:30:02 | 000,001,873 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
[2013.04.19 00:38:36 | 000,039,904 | ---- | M] () -- C:\Windows\SysWow64\Media Player - Codec Pack Disc handler.exe
[2013.04.19 00:38:36 | 000,039,904 | ---- | M] () -- C:\Windows\SysWow64\dischandler.exe
[2013.04.16 12:40:36 | 004,012,544 | ---- | M] () -- C:\Windows\SysNative\ffmpeg.dll
[2013.04.16 12:39:26 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll
[2013.04.16 12:39:14 | 004,372,992 | ---- | M] () -- C:\Windows\SysNative\ffdshow.ax
[2013.04.16 12:38:32 | 000,474,624 | ---- | M] () -- C:\Windows\SysNative\ff_kernelDeint.dll
[2013.04.16 12:37:38 | 000,631,296 | ---- | M] () -- C:\Windows\SysNative\TomsMoComp_ff.dll
[2013.04.16 12:37:36 | 000,114,688 | ---- | M] () -- C:\Windows\SysNative\ff_wmv9.dll
[2013.04.16 12:37:32 | 000,183,296 | ---- | M] () -- C:\Windows\SysNative\ff_unrar.dll
[2013.04.16 12:37:30 | 000,156,672 | ---- | M] () -- C:\Windows\SysNative\ff_libmad.dll
[2013.04.16 12:37:28 | 001,532,928 | ---- | M] () -- C:\Windows\SysNative\ff_samplerate.dll
[2013.04.16 12:37:28 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\ff_libdts.dll
[2013.04.16 12:37:24 | 000,190,464 | ---- | M] () -- C:\Windows\SysNative\libmpeg2_ff.dll
[2013.04.16 12:37:24 | 000,116,224 | ---- | M] () -- C:\Windows\SysNative\ff_liba52.dll
[2013.04.16 12:35:04 | 003,915,776 | ---- | M] () -- C:\Windows\SysWow64\ffmpeg.dll
[2013.04.16 12:33:50 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.04.16 12:33:32 | 003,501,568 | ---- | M] () -- C:\Windows\SysWow64\ffdshow.ax
[2013.04.16 12:32:28 | 000,157,184 | ---- | M] () -- C:\Windows\SysWow64\ff_unrar.dll
[2013.04.16 12:32:24 | 000,271,360 | ---- | M] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2013.04.16 12:32:18 | 000,099,840 | ---- | M] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2013.04.16 12:32:16 | 000,211,968 | ---- | M] () -- C:\Windows\SysWow64\ff_libdts.dll
[2013.04.16 12:32:16 | 000,147,456 | ---- | M] () -- C:\Windows\SysWow64\ff_libmad.dll
[2013.04.16 12:32:14 | 001,525,760 | ---- | M] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2013.04.16 12:32:14 | 000,114,688 | ---- | M] () -- C:\Windows\SysWow64\ff_liba52.dll
[2013.04.16 12:32:10 | 000,136,704 | ---- | M] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2013.04.15 22:02:19 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
[2013.04.15 16:00:39 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.04.15 16:00:39 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.04.15 15:28:50 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.15 15:28:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.14 21:05:52 | 182,522,087 | ---- | M] () -- C:\Users\ms\Desktop\LINTELOO_Brochure_2012.pdf
[2013.04.14 03:04:54 | 005,499,558 | ---- | M] () -- C:\Users\ms\Desktop\FUSION_DE.pdf
[2013.04.13 14:24:54 | 001,515,520 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax
[2013.04.13 14:24:48 | 000,364,720 | ---- | M] (Intel Corp.) -- C:\Windows\SysNative\IntelQuickSyncDecoder.dll
[2013.04.13 14:24:40 | 000,509,952 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax
[2013.04.13 14:24:36 | 000,272,384 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax
[2013.04.13 14:24:16 | 000,421,600 | ---- | M] () -- C:\Windows\SysNative\swscale-lav-2.dll
[2013.04.13 14:24:14 | 007,977,200 | ---- | M] () -- C:\Windows\SysNative\avcodec-lav-55.dll
[2013.04.13 14:24:14 | 001,245,920 | ---- | M] () -- C:\Windows\SysNative\avformat-lav-55.dll
[2013.04.13 14:24:14 | 000,289,008 | ---- | M] () -- C:\Windows\SysNative\avutil-lav-52.dll
[2013.04.13 14:24:14 | 000,202,648 | ---- | M] () -- C:\Windows\SysNative\avfilter-lav-3.dll
[2013.04.13 14:24:14 | 000,194,016 | ---- | M] () -- C:\Windows\SysNative\avresample-lav-1.dll
[2013.04.13 14:23:50 | 007,788,672 | ---- | M] () -- C:\Windows\SysWow64\avcodec-lav-55.dll
[2013.04.13 14:23:50 | 001,300,152 | ---- | M] () -- C:\Windows\SysWow64\avformat-lav-55.dll
[2013.04.13 14:23:50 | 001,185,456 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax
[2013.04.13 14:23:50 | 000,424,624 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax
[2013.04.13 14:23:50 | 000,400,592 | ---- | M] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2013.04.13 14:23:50 | 000,284,336 | ---- | M] (Intel Corp.) -- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll
[2013.04.13 14:23:50 | 000,272,192 | ---- | M] () -- C:\Windows\SysWow64\avutil-lav-52.dll
[2013.04.13 14:23:50 | 000,244,400 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax
[2013.04.13 14:23:50 | 000,194,632 | ---- | M] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2013.04.13 14:23:50 | 000,172,728 | ---- | M] () -- C:\Windows\SysWow64\avresample-lav-1.dll
[2013.04.12 17:57:18 | 000,549,804 | ---- | M] () -- C:\Users\ms\Desktop\sw-broschüre_2011-9_web.pdf
[2013.04.10 15:44:51 | 000,098,169 | ---- | M] () -- C:\Users\ms\Desktop\Korr.pdf
[2013.04.10 13:12:30 | 000,445,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.05 03:02:49 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.05 03:02:49 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.05 03:02:49 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.05 03:02:49 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.05 03:02:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.05 03:02:49 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.05 03:02:48 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.05 03:02:48 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.05 03:02:48 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.05 03:02:48 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.05 03:02:48 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.05 03:02:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.05 03:02:48 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.05 03:02:48 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.05 03:02:48 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.05 03:02:48 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.05 03:02:48 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.05 03:02:47 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.05 03:02:47 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.05 03:02:47 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.05 03:02:47 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.05 03:02:47 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.05 03:02:47 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.05 03:02:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.05 03:02:47 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.05 03:02:47 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.05 03:02:45 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.05 03:02:45 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.05 03:02:45 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.05 03:02:45 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.05 03:02:45 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.05 03:02:45 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.05 03:02:45 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.05 03:02:45 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.05 03:02:45 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.05 03:02:45 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.05 03:02:45 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.05 03:02:45 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.05 03:02:45 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.05 03:02:45 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.05 03:02:45 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.05 03:02:44 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.05 03:02:44 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.05 03:02:44 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.05 03:02:44 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.05 03:02:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.05 03:02:44 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.05 03:02:44 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.05 03:02:44 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.05 03:02:44 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.05 03:02:44 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.05 03:02:44 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.05 03:02:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.05 03:02:44 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.05 03:02:44 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.03 19:22:30 | 000,000,770 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk
[2013.04.02 03:58:36 | 000,001,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
[2013.03.28 16:40:52 | 000,531,573 | ---- | M] () -- C:\Users\ms\Desktop\ThienelFehlerkalküldieI.xps
[2013.03.28 16:39:26 | 000,314,751 | ---- | M] () -- C:\Users\ms\Desktop\KolonovitsFehlerkalkül.xps
[2013.03.28 16:36:08 | 000,305,899 | ---- | M] () -- C:\Users\ms\Desktop\MayerFehlerkalkül.xps
[2013.03.28 16:34:34 | 000,241,232 | ---- | M] () -- C:\Users\ms\Desktop\ThienelFehlerkalkül.xps
[2013.03.27 20:27:51 | 000,002,851 | ---- | M] () -- C:\Users\ms\Desktop\Scannen BITTE.PNG
[2013.03.27 17:36:06 | 000,096,149 | ---- | M] () -- C:\Users\ms\Desktop\Kelsens Fehlerkalkül-Theory.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.24 16:55:56 | 000,619,461 | ---- | C] () -- C:\Users\ms\Desktop\adwcleaner.exe
[2013.04.23 21:29:28 | 001,516,251 | ---- | C] () -- C:\Users\ms\Desktop\AVG Original.pdf
[2013.04.23 02:46:39 | 1425,113,545 | ---- | C] () -- C:\Users\ms\Desktop\Game.of.Thrones.S03E04.720p.HDTV.x264-EVOLVE.mkv
[2013.04.21 20:22:01 | 000,377,856 | ---- | C] () -- C:\Users\ms\Desktop\gmer_2.1.19163.exe
[2013.04.21 19:59:44 | 000,000,000 | ---- | C] () -- C:\Users\ms\defogger_reenable
[2013.04.21 19:59:15 | 000,050,477 | ---- | C] () -- C:\Users\ms\Desktop\Defogger.exe
[2013.04.19 00:38:36 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\Media Player - Codec Pack Disc handler.exe
[2013.04.19 00:38:36 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2013.04.16 12:40:36 | 004,012,544 | ---- | C] () -- C:\Windows\SysNative\ffmpeg.dll
[2013.04.16 12:39:26 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2013.04.16 12:39:14 | 004,372,992 | ---- | C] () -- C:\Windows\SysNative\ffdshow.ax
[2013.04.16 12:38:32 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\ff_kernelDeint.dll
[2013.04.16 12:37:38 | 000,631,296 | ---- | C] () -- C:\Windows\SysNative\TomsMoComp_ff.dll
[2013.04.16 12:37:36 | 000,114,688 | ---- | C] () -- C:\Windows\SysNative\ff_wmv9.dll
[2013.04.16 12:37:32 | 000,183,296 | ---- | C] () -- C:\Windows\SysNative\ff_unrar.dll
[2013.04.16 12:37:30 | 000,156,672 | ---- | C] () -- C:\Windows\SysNative\ff_libmad.dll
[2013.04.16 12:37:28 | 001,532,928 | ---- | C] () -- C:\Windows\SysNative\ff_samplerate.dll
[2013.04.16 12:37:28 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\ff_libdts.dll
[2013.04.16 12:37:24 | 000,190,464 | ---- | C] () -- C:\Windows\SysNative\libmpeg2_ff.dll
[2013.04.16 12:37:24 | 000,116,224 | ---- | C] () -- C:\Windows\SysNative\ff_liba52.dll
[2013.04.16 12:35:04 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2013.04.16 12:33:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.04.16 12:33:32 | 003,501,568 | ---- | C] () -- C:\Windows\SysWow64\ffdshow.ax
[2013.04.16 12:32:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2013.04.16 12:32:24 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2013.04.16 12:32:18 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2013.04.16 12:32:16 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2013.04.16 12:32:16 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2013.04.16 12:32:14 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2013.04.16 12:32:14 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2013.04.16 12:32:10 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2013.04.15 22:02:19 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
[2013.04.15 15:28:59 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013.04.15 15:28:59 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013.04.14 21:05:51 | 182,522,087 | ---- | C] () -- C:\Users\ms\Desktop\LINTELOO_Brochure_2012.pdf
[2013.04.14 03:04:45 | 005,499,558 | ---- | C] () -- C:\Users\ms\Desktop\FUSION_DE.pdf
[2013.04.13 14:24:16 | 000,421,600 | ---- | C] () -- C:\Windows\SysNative\swscale-lav-2.dll
[2013.04.13 14:24:14 | 007,977,200 | ---- | C] () -- C:\Windows\SysNative\avcodec-lav-55.dll
[2013.04.13 14:24:14 | 001,245,920 | ---- | C] () -- C:\Windows\SysNative\avformat-lav-55.dll
[2013.04.13 14:24:14 | 000,289,008 | ---- | C] () -- C:\Windows\SysNative\avutil-lav-52.dll
[2013.04.13 14:24:14 | 000,202,648 | ---- | C] () -- C:\Windows\SysNative\avfilter-lav-3.dll
[2013.04.13 14:24:14 | 000,194,016 | ---- | C] () -- C:\Windows\SysNative\avresample-lav-1.dll
[2013.04.13 14:23:50 | 007,788,672 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-55.dll
[2013.04.13 14:23:50 | 001,300,152 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-55.dll
[2013.04.13 14:23:50 | 000,400,592 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2013.04.13 14:23:50 | 000,272,192 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll
[2013.04.13 14:23:50 | 000,194,632 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2013.04.13 14:23:50 | 000,172,728 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll
[2013.04.12 17:57:15 | 000,549,804 | ---- | C] () -- C:\Users\ms\Desktop\sw-broschüre_2011-9_web.pdf
[2013.04.10 15:44:49 | 000,098,169 | ---- | C] () -- C:\Users\ms\Desktop\SKorr.pdf
[2013.04.05 03:02:47 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.05 03:02:45 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.02 03:58:40 | 000,001,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
[2013.04.02 03:58:36 | 000,001,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
[2013.03.28 16:40:44 | 000,531,573 | ---- | C] () -- C:\Users\ms\Desktop\ThienelFehlerkalküldieI.xps
[2013.03.28 16:39:20 | 000,314,751 | ---- | C] () -- C:\Users\ms\Desktop\KolonovitsFehlerkalkül.xps
[2013.03.28 16:36:02 | 000,305,899 | ---- | C] () -- C:\Users\ms\Desktop\MayerFehlerkalkül.xps
[2013.03.28 16:34:30 | 000,241,232 | ---- | C] () -- C:\Users\ms\Desktop\ThienelFehlerkalkül.xps
[2013.03.27 20:27:51 | 000,002,851 | ---- | C] () -- C:\Users\ms\Desktop\Scannen BITTE.PNG
[2013.03.27 17:36:06 | 000,096,149 | ---- | C] () -- C:\Users\ms\Desktop\Kelsens Fehlerkalkül-Theory.pdf
[2012.12.19 23:52:54 | 000,000,581 | ---- | C] () -- C:\Users\ms\AppData\Local\cookies.ini
[2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini
[2012.04.21 02:53:10 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.04.21 00:54:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.21 00:47:47 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.03.20 03:15:26 | 013,184,512 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.03.20 03:15:26 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.20 03:15:26 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.03.20 03:15:26 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.20 03:15:26 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.20 03:15:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.03.20 03:15:26 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.03.20 03:15:26 | 000,056,476 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat
[2012.03.20 03:15:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat
[2012.03.20 03:15:25 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.02.03 17:05:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.02.03 17:05:40 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011.06.24 05:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.06.24 05:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
Es folgt sogar noch ein dritter Teil...
__________________

Geändert von hilflos001 (24.04.2013 um 17:39 Uhr)

Alt 24.04.2013, 17:35   #4
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Aha, das wird anscheinend zu einem Post zusammengefügt.

Hier jedenfalls die letzte Logdatei:


Extra.exe:

Code:
ATTFilter
OTL Extras logfile created on: 24.04.2013 17:04:13 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ms\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 50,37% Memory free
7,79 Gb Paging File | 5,48 Gb Available in Paging File | 70,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,27 Gb Total Space | 364,12 Gb Free Space | 81,59% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BOERTA | User Name: ms | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2E7069DB-B2D2-469B-8566-23BBCF61E1E7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{34B0856C-74CC-494F-AA4A-1D7BE2C3AEA3}" = lport=3888 | protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe | 
"{53860987-7EA7-4C18-A5E6-148D0F40A528}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{A160DF1C-CDF9-4628-88AC-99273C262216}" = lport=3880 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe | 
"{F5BD2059-A963-43FC-B825-8C0E863162BA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{FCE91F7F-0B5F-42D5-B36F-7B7EE6DFE388}" = lport=3888 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{048595FE-73CD-43B5-9BBC-B295E6B3B4B0}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{1FEA0E5E-48C4-4F65-9792-FD174AE24522}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{244A5B01-9B32-47F0-950F-B9617BFE40A4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{2670E51B-5F1C-4927-BAB6-44D88BBB5AB9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{26BC8452-3C48-45B3-896C-E9DAFBB9B15A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{3671B3E2-227B-4D42-9216-C23E6AD98F58}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{7AA561E7-639B-4323-B045-3D2092769125}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{871F0827-5A63-439E-A1F1-6C474FFFEFF7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{AA5C52E8-9E20-4DD4-8BEC-9D6A21AA2D5E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{ACF5D287-C38B-42CE-B8C4-6E5D6A885457}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{CA3031D6-558B-40D9-BAD3-706C6DB9B1A9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{CFEB862F-528D-47D8-B1B2-5A3864DD99B7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{F774D7DD-1808-44FD-B9C7-F23A2A60ED79}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0EB7792D-EFA2-42AB-9A22-F33D9458E974}" = Media Gallery
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{2FE46568-5754-43AE-A289-0A8A7E5BCEAE}" = calibre 64bit
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{34EB42BE-F4D3-44C1-B28E-9740115DB72C}" = VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4D95D095-8C6F-4357-BDD8-27E295F37FB1}" = VAIO Care
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}" = VAIO - PlayMemories Home Plug-in
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BC3B8C54-7E10-0A4D-F6CA-52616DB1E96F}" = AMD Catalyst Install Manager
"{BFBE16E7-D5C3-F4AB-0485-88374CBFAFFA}" = ccc-utility64
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Intel® PROSet/Wireless WiFi-Software
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0932859-AA60-459E-B843-0BDECA34E2C7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" = 
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BE491EE-6512-2C9A-466C-6D956EDD7EEE}" = CCC Help Greek
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{151CE009-E3CA-3772-AA38-A74EEAF8E31E}" = CCC Help Czech
"{153AAB30-B5C5-4B51-8EC7-7B6F0115BE6E}" = SearchMe Toolbar v7.0
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2EE952F6-A614-4EB3-4157-88D529A3C3BA}" = CCC Help Polish
"{2F41EF61-A066-4EBF-84F8-21C1B317A780}" = VAIO - TrackID™ mit BRAVIA
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{34B52882-1B2A-99B9-200E-26525B2F6CB6}" = CCC Help English
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{44A39454-E35F-F916-D97D-609167097F5F}" = PX Profile Update
"{45191C61-3D04-4D03-B78A-592DF13264CC}" = Windows Live Messenger
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{477633F3-3417-4A76-AC60-C4599617BC45}" = Catalyst Control Center - Branding
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{4846B7FE-44E5-7967-4978-62FC2B4D978C}" = CCC Help Turkish
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{5156C9BF-1C27-430B-96D8-7129F11699A8}" = VAIO Data Restore Tool
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{54EEE33B-9223-02FF-7E94-E2CA18867B8F}" = CCC Help Spanish
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6069F836-AC5D-E50C-F6FB-9B632E3266CF}" = Catalyst Control Center InstallProxy
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6466EF6E-700E-470F-94CB-D0050302C84E}" = Remote Keyboard
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66BBEB99-BB5D-DFD8-D4FB-E12FA748A888}" = Catalyst Control Center Localization All
"{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}" = Елемент керування Windows Live Mesh ActiveX для віддалених підключень
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{67F43112-847D-D4E0-91FF-222F6342808C}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F0A238D-0769-B0B0-DE27-2A3CEDFDE07E}" = CCC Help Japanese
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FD21053-829D-40E7-B04C-CAFB7D5CD025}" = KUx86
"{6FDF31EE-B0A0-3229-BCE0-8712F3ACCC42}" = CCC Help Chinese Traditional
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C3C573-C536-A2F9-1BB2-B718DA24C248}" = CCC Help Thai
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77B9B45D-A66F-88A5-62E6-E98F079C28AF}" = CCC Help Norwegian
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel(R) WiDi
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{840B9FA7-4CC5-9015-5E0E-666207E8AA63}" = Catalyst Control Center Profiles Mobile
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{858B32BD-121C-4AC8-BD87-CE37C51C03E2}" = TrackID(TM) with BRAVIA
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86FBC192-D7F5-793B-7CEB-C2F7C4C51452}" = CCC Help Chinese Standard
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{88859C61-F4AC-6C07-458A-B716E41A2955}" = CCC Help Hungarian
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EF5D686-CA31-2193-8F15-8BA5050400BA}" = CCC Help French
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A4D1F0BB-7A45-EBE1-E0AE-9CA35C8E45DE}" = Catalyst Control Center Graphics Previews Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE5F3379-8B81-457E-8E09-7E61D941AFA4}" = VAIO Gate
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BAE1CCA6-AB32-4D27-AE69-203436D54EC8}" = Reader for PC
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C8544A9A-76BE-4F82-811E-979799AE493B}" = VAIO Gesture Control
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D5E03D17-101E-3DED-50DA-A4CDCC283CF7}" = CCC Help Swedish
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DB1A3EA7-0C25-4BEC-A108-176195190369}" = VHD
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DD5D6FD8-9190-A822-0336-48B35ACEE7CE}" = CCC Help German
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86
"{DFB1925E-B6AC-F1CF-1E76-D63758286550}" = Catalyst Control Center
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E171F141-FDA5-B389-B851-9521367C4F0D}" = CCC Help Danish
"{E43B02AF-3B25-7007-D9B0-87E633411CA0}" = CCC Help Russian
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E6757A5B-EE7E-4D72-82B7-D1B2991DF55E}" = PYV_x86
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB312DD5-06AB-ED57-BC21-CE213E03AEB5}" = CCC Help Dutch
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F3BF49E7-544C-94F5-1690-2800E3C431C7}" = CCC Help Italian
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA3DA987-9F3E-4A78-4F57-8E6E3B4303A3}" = CCC Help Finnish
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FD761869-BAD8-7C29-A9E3-523A07F5F632}" = CCC Help Portuguese
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Google Chrome" = Google Chrome
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"McAfee Security Scan" = McAfee Security Scan Plus
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.7
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Ravensburger tiptoi" = Ravensburger tiptoi
"SafeConnect" = SafeConnect
"VAIO Help and Support" = 
"VTechDownloadManager" = VTech Download Manager
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WTA-349238c8-d1f1-43b2-bedb-bc2c86f792b8" = Build-a-lot 2
"WTA-5c4c58e7-ff05-4b3a-afe3-fa3592163c0b" = Mystery P.I. - The London Caper
"WTA-5cff513f-ae98-46c6-8811-c7eedbe797d6" = Mahjongg Artifacts
"WTA-6a55e284-2e06-45db-a1f7-7d04cd040b3e" = Chuzzle Deluxe
"WTA-6c0fdd54-6a60-4a59-b5c3-a70ddbb3ba0a" = The Hidden Object Game Show
"WTA-6eefbf06-0af2-451e-822f-80184a9af617" = Polar Bowler
"WTA-7236047d-6015-4845-ae14-4aabd7d14755" = Agatha Christie - Death on the Nile
"WTA-76a43f44-2e40-43cc-bb6b-7152c3fb4f52" = Mystery of Mortlake Mansion
"WTA-7aab279e-24a8-406b-a9df-0cae65338e68" = Bejeweled 3
"WTA-7b9d5929-8403-48d6-8de4-9a015ccc54b4" = Plants vs. Zombies - Game of the Year
"WTA-7d53d348-a7af-4c9e-be32-72cfc459dc1b" = Fishdom (TM) 2
"WTA-82f1a714-263b-43b6-bde3-01bd254815d7" = Cake Mania
"WTA-96a8f730-0a6d-4ef8-8e3c-efc87a2ece01" = Insaniquarium Deluxe
"WTA-c76134e6-5067-452e-b3d7-9b61782bdd09" = Jewel Quest Solitaire 2
"WTA-ce535f10-8f01-42da-8628-ae93505cc5bb" = Aloha TriPeaks
"WTA-f118041c-ea04-4bbc-bdc3-17d728d79bad" = Virtual Villagers 4 - The Tree of Life
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.04.2013 10:43:22 | Computer Name = boerta | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\ATI\CIM\Bin64\SetACL64.exe".
Die
 abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 24.04.2013 10:50:44 | Computer Name = boerta | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.04.2013 10:59:41 | Computer Name = boerta | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 24.04.2013 10:49:36 | Computer Name = boerta | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         
Mit dankbaren Grüße,
MS

Alt 24.04.2013, 21:43   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Problem behoben?

GMER meldet allerdings noch einen unbekannten MBR, das will ich lieber nochmal prüfen:

Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten


MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 25.04.2013, 02:09   #6
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Hallo cosinus,

ja, mein Rechner scheint sich etwas erholt zu haben. Firefox lässt sich wieder schließen und ist wieder schneller.

Hier die Ergebnisse der Scans:

1. MBAR
Hat keine Malware gefunden und (deshalb?) keine Logdatei erstellt.


2. aswMBR

Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-24 22:32:11
-----------------------------
22:32:11.396    OS Version: Windows x64 6.1.7601 Service Pack 1
22:32:11.396    Number of processors: 4 586 0x2A07
22:32:11.396    ComputerName: BOERTA  UserName: 
22:32:11.474    Initialze error 1 
22:36:26.417    AVAST engine defs: 13042400
22:36:57.632    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:36:57.632    Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
22:36:57.679    Disk 0 MBR read successfully
22:36:57.679    Disk 0 MBR scan
22:36:57.695    Disk 0 unknown MBR code
22:36:57.695    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
22:36:57.695    Disk 0 scanning C:\Windows\system32\drivers
22:36:57.695    Service scanning
22:36:58.241    Modules scanning
22:36:58.241    Disk 0 trace - called modules:
22:36:58.241    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
22:36:58.241    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005c07790]
22:36:58.241    3 CLASSPNP.SYS[fffff88001dd143f] -> nt!IofCallDriver -> [0xfffffa80048ed950]
22:36:58.755    5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005c0b050]
22:36:58.755    AVAST engine scan C:\Windows
22:36:58.755    AVAST engine scan C:\Windows\system32
22:36:58.755    AVAST engine scan C:\Windows\system32\drivers
22:36:58.771    AVAST engine scan C:\Users\ms
22:36:58.771    AVAST engine scan C:\ProgramData
22:36:58.771    Scan finished successfully
22:37:23.154    Disk 0 MBR has been saved successfully to "C:\Users\ms\Desktop\MBR.dat"
22:37:23.466    The log file has been saved successfully to "C:\Users\ms\Desktop\aswMBR.txt"
         
3. TDSS-Killer

Code:
ATTFilter
22:47:17.0097 0576  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:47:17.0097 0576  UEFI system
22:47:17.0549 0576  ============================================================
22:47:17.0549 0576  Current date / time: 2013/04/24 22:47:17.0549
22:47:17.0549 0576  SystemInfo:
22:47:17.0549 0576  
22:47:17.0549 0576  OS Version: 6.1.7601 ServicePack: 1.0
22:47:17.0549 0576  Product type: Workstation
22:47:17.0549 0576  ComputerName: BOERTA
22:47:17.0549 0576  UserName: ms
22:47:17.0549 0576  Windows directory: C:\Windows
22:47:17.0549 0576  System windows directory: C:\Windows
22:47:17.0549 0576  Running under WOW64
22:47:17.0549 0576  Processor architecture: Intel x64
22:47:17.0549 0576  Number of processors: 4
22:47:17.0549 0576  Page size: 0x1000
22:47:17.0549 0576  Boot type: Normal boot
22:47:17.0549 0576  ============================================================
22:47:18.0267 0576  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:47:18.0267 0576  ============================================================
22:47:18.0267 0576  \Device\Harddisk0\DR0:
22:47:18.0267 0576  GPT partitions:
22:47:18.0267 0576  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {F2A1560E-92C7-43B4-8C7B-31BA1F35315B}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
22:47:18.0267 0576  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5637DE2E-D797-43DE-B9B2-00A6C5E036F2}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x25B6800
22:47:18.0267 0576  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E9E67938-EDF1-4C31-8493-5BF15A7609CE}, Name: EFI system partition, StartLBA 0x2639000, BlocksNum 0x82000
22:47:18.0267 0576  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {04911F3D-6FE6-4770-808D-C8EDAD56C344}, Name: Microsoft reserved partition, StartLBA 0x26BB000, BlocksNum 0x40000
22:47:18.0267 0576  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BE157DD1-B497-4583-B5EF-0BEC51EB8D9C}, Name: Basic data partition, StartLBA 0x26FB000, BlocksNum 0x37C8B00F
22:47:18.0267 0576  MBR partitions:
22:47:18.0267 0576  ============================================================
22:47:18.0298 0576  C: <-> \Device\Harddisk0\DR0\Partition5
22:47:18.0298 0576  ============================================================
22:47:18.0298 0576  Initialize success
22:47:18.0298 0576  ============================================================
22:47:26.0644 7152  ============================================================
22:47:26.0644 7152  Scan started
22:47:26.0644 7152  Mode: Manual; SigCheck; TDLFS; 
22:47:26.0644 7152  ============================================================
22:47:27.0081 7152  ================ Scan system memory ========================
22:47:27.0081 7152  System memory - ok
22:47:27.0081 7152  ================ Scan services =============================
22:47:27.0377 7152  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:47:27.0424 7152  1394ohci - ok
22:47:27.0486 7152  ACDaemon - ok
22:47:27.0517 7152  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:47:27.0533 7152  ACPI - ok
22:47:27.0564 7152  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:47:27.0564 7152  AcpiPmi - ok
22:47:27.0642 7152  [ 047BD1EB681453A7FE492A71802AC9F3 ] AdobeActiveFileMonitor10.0 c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
22:47:27.0658 7152  AdobeActiveFileMonitor10.0 - ok
22:47:27.0798 7152  [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:47:27.0814 7152  AdobeFlashPlayerUpdateSvc - ok
22:47:27.0845 7152  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:47:27.0861 7152  adp94xx - ok
22:47:27.0907 7152  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:47:27.0907 7152  adpahci - ok
22:47:27.0954 7152  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:47:27.0970 7152  adpu320 - ok
22:47:28.0001 7152  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:47:28.0032 7152  AeLookupSvc - ok
22:47:28.0079 7152  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
22:47:28.0095 7152  AFD - ok
22:47:28.0126 7152  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:47:28.0141 7152  agp440 - ok
22:47:28.0157 7152  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
22:47:28.0173 7152  ALG - ok
22:47:28.0188 7152  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:47:28.0204 7152  aliide - ok
22:47:28.0219 7152  [ 426E8B3243880A20F877D50D390F3335 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:47:28.0251 7152  AMD External Events Utility - ok
22:47:28.0266 7152  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
22:47:28.0282 7152  amdide - ok
22:47:28.0297 7152  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:47:28.0297 7152  AmdK8 - ok
22:47:28.0516 7152  [ 19374175566D0CD413D05E92D9797A3C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:47:28.0641 7152  amdkmdag - ok
22:47:28.0687 7152  [ 06DB356D98381F8B75CEBF5202F50DA1 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:47:28.0719 7152  amdkmdap - ok
22:47:28.0750 7152  [ 554FB0F28C411FB1EAFD4EA46A8CAAA4 ] amdkmpfd        C:\Windows\system32\DRIVERS\amdkmpfd.sys
22:47:28.0765 7152  amdkmpfd - ok
22:47:28.0797 7152  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:47:28.0812 7152  AmdPPM - ok
22:47:28.0843 7152  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:47:28.0859 7152  amdsata - ok
22:47:28.0890 7152  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:47:28.0890 7152  amdsbs - ok
22:47:28.0906 7152  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:47:28.0921 7152  amdxata - ok
22:47:28.0953 7152  [ 1C591C1A0CB8ABE215FF66F9A1D8E955 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
22:47:28.0968 7152  AMPPAL - ok
22:47:28.0968 7152  [ 1C591C1A0CB8ABE215FF66F9A1D8E955 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
22:47:28.0984 7152  AMPPALP - ok
22:47:29.0093 7152  [ E1841818278F2A9D66F834451D608AEA ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
22:47:29.0109 7152  AMPPALR3 - ok
22:47:29.0155 7152  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
22:47:29.0187 7152  AppID - ok
22:47:29.0202 7152  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:47:29.0233 7152  AppIDSvc - ok
22:47:29.0265 7152  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
22:47:29.0296 7152  Appinfo - ok
22:47:29.0296 7152  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
22:47:29.0311 7152  arc - ok
22:47:29.0343 7152  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:47:29.0343 7152  arcsas - ok
22:47:29.0436 7152  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:47:29.0436 7152  aspnet_state - ok
22:47:29.0467 7152  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:47:29.0499 7152  AsyncMac - ok
22:47:29.0530 7152  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
22:47:29.0530 7152  atapi - ok
22:47:29.0577 7152  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
22:47:29.0608 7152  athr - ok
22:47:29.0655 7152  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:47:29.0686 7152  AudioEndpointBuilder - ok
22:47:29.0701 7152  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:47:29.0733 7152  AudioSrv - ok
22:47:29.0764 7152  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:47:29.0779 7152  AxInstSV - ok
22:47:29.0826 7152  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:47:29.0842 7152  b06bdrv - ok
22:47:29.0873 7152  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:47:29.0889 7152  b57nd60a - ok
22:47:29.0967 7152  [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
22:47:29.0982 7152  BBSvc - ok
22:47:30.0013 7152  [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:47:30.0029 7152  BBUpdate - ok
22:47:30.0060 7152  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:47:30.0060 7152  BDESVC - ok
22:47:30.0091 7152  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:47:30.0123 7152  Beep - ok
22:47:30.0169 7152  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
22:47:30.0201 7152  BFE - ok
22:47:30.0247 7152  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
22:47:30.0279 7152  BITS - ok
22:47:30.0310 7152  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:47:30.0325 7152  blbdrive - ok
22:47:30.0419 7152  [ 05981C3E51D827ED6B8101A54B05E392 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
22:47:30.0450 7152  Bluetooth Device Monitor - ok
22:47:30.0497 7152  [ BBFAF63BF768047FE2441B4139E803E3 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
22:47:30.0513 7152  Bluetooth Media Service - ok
22:47:30.0575 7152  [ 41D8F56E6BBE0111244D87BE2FA90374 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
22:47:30.0606 7152  Bluetooth OBEX Service - ok
22:47:30.0637 7152  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:47:30.0637 7152  bowser - ok
22:47:30.0669 7152  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:47:30.0684 7152  BrFiltLo - ok
22:47:30.0700 7152  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:47:30.0700 7152  BrFiltUp - ok
22:47:30.0747 7152  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
22:47:30.0747 7152  Browser - ok
22:47:30.0778 7152  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:47:30.0793 7152  Brserid - ok
22:47:30.0809 7152  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:47:30.0825 7152  BrSerWdm - ok
22:47:30.0856 7152  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:47:30.0856 7152  BrUsbMdm - ok
22:47:30.0871 7152  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:47:30.0887 7152  BrUsbSer - ok
22:47:30.0918 7152  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
22:47:30.0934 7152  BthEnum - ok
22:47:30.0949 7152  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:47:30.0965 7152  BTHMODEM - ok
22:47:30.0981 7152  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:47:30.0996 7152  BthPan - ok
22:47:31.0027 7152  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
22:47:31.0043 7152  BTHPORT - ok
22:47:31.0074 7152  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
22:47:31.0105 7152  bthserv - ok
22:47:31.0121 7152  [ 618AFD0072F4A672977484BFF6FE4FE2 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
22:47:31.0137 7152  BTHSSecurityMgr - ok
22:47:31.0168 7152  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
22:47:31.0168 7152  BTHUSB - ok
22:47:31.0199 7152  [ 988CC6CC49303665D3B2435C51505C3F ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
22:47:31.0215 7152  btmaux - ok
22:47:31.0246 7152  [ 2B4B508AFAC2A563931AF1FE875A5B16 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
22:47:31.0261 7152  btmhsf - ok
22:47:31.0293 7152  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:47:31.0324 7152  cdfs - ok
22:47:31.0355 7152  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:47:31.0371 7152  cdrom - ok
22:47:31.0402 7152  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:47:31.0433 7152  CertPropSvc - ok
22:47:31.0464 7152  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
22:47:31.0480 7152  circlass - ok
22:47:31.0511 7152  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:47:31.0527 7152  CLFS - ok
22:47:31.0573 7152  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:47:31.0573 7152  clr_optimization_v2.0.50727_32 - ok
22:47:31.0605 7152  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:47:31.0620 7152  clr_optimization_v2.0.50727_64 - ok
22:47:31.0683 7152  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:47:31.0698 7152  clr_optimization_v4.0.30319_32 - ok
22:47:31.0714 7152  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:47:31.0729 7152  clr_optimization_v4.0.30319_64 - ok
22:47:31.0761 7152  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:47:31.0776 7152  CmBatt - ok
22:47:31.0792 7152  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:47:31.0792 7152  cmdide - ok
22:47:31.0854 7152  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
22:47:31.0870 7152  CNG - ok
22:47:31.0917 7152  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:47:31.0932 7152  Compbatt - ok
22:47:31.0948 7152  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:47:31.0948 7152  CompositeBus - ok
22:47:31.0963 7152  COMSysApp - ok
22:47:32.0073 7152  [ F3D0368E158CFB62BE63BA7B4B7EC507 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:47:32.0088 7152  cphs - ok
22:47:32.0088 7152  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:47:32.0104 7152  crcdisk - ok
22:47:32.0151 7152  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:47:32.0166 7152  CryptSvc - ok
22:47:32.0213 7152  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:47:32.0244 7152  DcomLaunch - ok
22:47:32.0291 7152  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
22:47:32.0322 7152  defragsvc - ok
22:47:32.0353 7152  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:47:32.0385 7152  DfsC - ok
22:47:32.0416 7152  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:47:32.0431 7152  Dhcp - ok
22:47:32.0447 7152  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:47:32.0478 7152  discache - ok
22:47:32.0525 7152  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
22:47:32.0541 7152  Disk - ok
22:47:32.0572 7152  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:47:32.0572 7152  Dnscache - ok
22:47:32.0587 7152  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:47:32.0619 7152  dot3svc - ok
22:47:32.0619 7152  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
22:47:32.0650 7152  DPS - ok
22:47:32.0681 7152  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:47:32.0697 7152  drmkaud - ok
22:47:32.0728 7152  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:47:32.0759 7152  DXGKrnl - ok
22:47:32.0790 7152  [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
22:47:32.0790 7152  e1yexpress - ok
22:47:32.0821 7152  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
22:47:32.0853 7152  EapHost - ok
22:47:32.0946 7152  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:47:32.0993 7152  ebdrv - ok
22:47:33.0024 7152  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
22:47:33.0024 7152  EFS - ok
22:47:33.0087 7152  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:47:33.0102 7152  ehRecvr - ok
22:47:33.0118 7152  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
22:47:33.0133 7152  ehSched - ok
22:47:33.0165 7152  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:47:33.0180 7152  elxstor - ok
22:47:33.0211 7152  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:47:33.0211 7152  ErrDev - ok
22:47:33.0243 7152  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
22:47:33.0289 7152  EventSystem - ok
22:47:33.0367 7152  [ 64D25284A4E9D11CA0722AF3F30FD970 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:47:33.0383 7152  EvtEng - ok
22:47:33.0430 7152  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
22:47:33.0477 7152  exfat - ok
22:47:33.0492 7152  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:47:33.0523 7152  fastfat - ok
22:47:33.0570 7152  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
22:47:33.0586 7152  Fax - ok
22:47:33.0633 7152  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
22:47:33.0648 7152  fdc - ok
22:47:33.0679 7152  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:47:33.0711 7152  fdPHost - ok
22:47:33.0726 7152  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:47:33.0757 7152  FDResPub - ok
22:47:33.0773 7152  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:47:33.0773 7152  FileInfo - ok
22:47:33.0789 7152  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:47:33.0820 7152  Filetrace - ok
22:47:33.0867 7152  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:47:33.0882 7152  flpydisk - ok
22:47:33.0898 7152  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:47:33.0913 7152  FltMgr - ok
22:47:33.0976 7152  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
22:47:33.0991 7152  FontCache - ok
22:47:34.0038 7152  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:47:34.0038 7152  FontCache3.0.0.0 - ok
22:47:34.0054 7152  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:47:34.0069 7152  FsDepends - ok
22:47:34.0101 7152  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:47:34.0101 7152  Fs_Rec - ok
22:47:34.0163 7152  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:47:34.0179 7152  fvevol - ok
22:47:34.0210 7152  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:47:34.0225 7152  gagp30kx - ok
22:47:34.0303 7152  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
22:47:34.0303 7152  GamesAppService - ok
22:47:34.0366 7152  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
22:47:34.0397 7152  gpsvc - ok
22:47:34.0491 7152  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:47:34.0491 7152  gupdate - ok
22:47:34.0506 7152  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:47:34.0522 7152  gupdatem - ok
22:47:34.0553 7152  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:47:34.0553 7152  hcw85cir - ok
22:47:34.0584 7152  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:47:34.0600 7152  HdAudAddService - ok
22:47:34.0631 7152  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:47:34.0647 7152  HDAudBus - ok
22:47:34.0662 7152  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:47:34.0678 7152  HidBatt - ok
22:47:34.0693 7152  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:47:34.0709 7152  HidBth - ok
22:47:34.0740 7152  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:47:34.0756 7152  HidIr - ok
22:47:34.0787 7152  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
22:47:34.0818 7152  hidserv - ok
22:47:34.0849 7152  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:47:34.0865 7152  HidUsb - ok
22:47:34.0896 7152  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:47:34.0927 7152  hkmsvc - ok
22:47:34.0943 7152  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:47:34.0943 7152  HomeGroupListener - ok
22:47:34.0974 7152  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:47:34.0990 7152  HomeGroupProvider - ok
22:47:35.0021 7152  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:47:35.0021 7152  HpSAMD - ok
22:47:35.0068 7152  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:47:35.0099 7152  HTTP - ok
22:47:35.0115 7152  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:47:35.0130 7152  hwpolicy - ok
22:47:35.0161 7152  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:47:35.0161 7152  i8042prt - ok
22:47:35.0193 7152  [ C224331A54571C8C9162F7714400BBBD ] iaStor          C:\Windows\system32\drivers\iaStor.sys
22:47:35.0208 7152  iaStor - ok
22:47:35.0286 7152  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:47:35.0286 7152  IAStorDataMgrSvc - ok
22:47:35.0317 7152  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:47:35.0333 7152  iaStorV - ok
22:47:35.0364 7152  [ 9E3D44CE737388F6BBBB6DD4A1C1847C ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
22:47:35.0364 7152  ibtfltcoex - ok
22:47:35.0427 7152  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:47:35.0442 7152  idsvc - ok
22:47:35.0473 7152  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:47:35.0473 7152  iirsp - ok
22:47:35.0520 7152  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:47:35.0551 7152  IKEEXT - ok
22:47:35.0598 7152  [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
22:47:35.0598 7152  intaud_WaveExtensible - ok
22:47:35.0723 7152  [ 6A0E2A1E2A1E1DBAA17EE02F3A7EF0A6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:47:35.0801 7152  IntcAzAudAddService - ok
22:47:35.0848 7152  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:47:35.0848 7152  IntcDAud - ok
22:47:35.0910 7152  [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:47:35.0926 7152  Intel(R) Capability Licensing Service Interface - ok
22:47:35.0957 7152  [ 9571D8BDB56EBC52280E8020574508E6 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
22:47:35.0973 7152  Intel(R) ME Service - ok
22:47:35.0988 7152  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
22:47:36.0004 7152  intelide - ok
22:47:36.0285 7152  [ 54E37A4E66B2CA1C38E9728FAD5F9822 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
22:47:36.0456 7152  intelkmd - ok
22:47:36.0550 7152  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:47:36.0550 7152  intelppm - ok
22:47:36.0612 7152  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:47:36.0643 7152  IPBusEnum - ok
22:47:36.0659 7152  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:47:36.0690 7152  IpFilterDriver - ok
22:47:36.0753 7152  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:47:36.0768 7152  iphlpsvc - ok
22:47:36.0784 7152  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:47:36.0799 7152  IPMIDRV - ok
22:47:36.0799 7152  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:47:36.0831 7152  IPNAT - ok
22:47:36.0862 7152  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:47:36.0877 7152  IRENUM - ok
22:47:36.0893 7152  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:47:36.0909 7152  isapnp - ok
22:47:36.0940 7152  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:47:36.0940 7152  iScsiPrt - ok
22:47:36.0971 7152  [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
22:47:36.0987 7152  iusb3hcs - ok
22:47:37.0018 7152  [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
22:47:37.0033 7152  iusb3hub - ok
22:47:37.0049 7152  [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
22:47:37.0080 7152  iusb3xhc - ok
22:47:37.0096 7152  [ 716F66336F10885D935B08174DC54242 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
22:47:37.0111 7152  iwdbus - ok
22:47:37.0143 7152  [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:47:37.0158 7152  jhi_service - ok
22:47:37.0174 7152  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:47:37.0189 7152  kbdclass - ok
22:47:37.0221 7152  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
22:47:37.0221 7152  kbdhid - ok
22:47:37.0252 7152  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
22:47:37.0267 7152  KeyIso - ok
22:47:37.0283 7152  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:47:37.0299 7152  KSecDD - ok
22:47:37.0314 7152  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:47:37.0330 7152  KSecPkg - ok
22:47:37.0361 7152  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:47:37.0392 7152  ksthunk - ok
22:47:37.0423 7152  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:47:37.0455 7152  KtmRm - ok
22:47:37.0517 7152  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:47:37.0548 7152  LanmanServer - ok
22:47:37.0579 7152  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:47:37.0611 7152  LanmanWorkstation - ok
22:47:37.0657 7152  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:47:37.0689 7152  lltdio - ok
22:47:37.0704 7152  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:47:37.0751 7152  lltdsvc - ok
22:47:37.0767 7152  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:47:37.0798 7152  lmhosts - ok
22:47:37.0845 7152  [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:47:37.0860 7152  LMS - ok
22:47:37.0907 7152  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:47:37.0907 7152  LSI_FC - ok
22:47:37.0938 7152  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:47:37.0954 7152  LSI_SAS - ok
22:47:37.0954 7152  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:47:37.0969 7152  LSI_SAS2 - ok
22:47:37.0985 7152  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:47:38.0001 7152  LSI_SCSI - ok
22:47:38.0016 7152  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:47:38.0047 7152  luafv - ok
22:47:38.0125 7152  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
22:47:38.0141 7152  McComponentHostService - ok
22:47:38.0157 7152  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:47:38.0172 7152  Mcx2Svc - ok
22:47:38.0188 7152  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:47:38.0203 7152  megasas - ok
22:47:38.0219 7152  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:47:38.0235 7152  MegaSR - ok
22:47:38.0266 7152  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:47:38.0281 7152  MEIx64 - ok
22:47:38.0359 7152  Microsoft SharePoint Workspace Audit Service - ok
22:47:38.0391 7152  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:47:38.0422 7152  MMCSS - ok
22:47:38.0437 7152  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:47:38.0469 7152  Modem - ok
22:47:38.0515 7152  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:47:38.0515 7152  monitor - ok
22:47:38.0547 7152  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:47:38.0562 7152  mouclass - ok
22:47:38.0593 7152  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:47:38.0609 7152  mouhid - ok
22:47:38.0640 7152  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:47:38.0656 7152  mountmgr - ok
22:47:38.0718 7152  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:47:38.0734 7152  MozillaMaintenance - ok
22:47:38.0796 7152  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:47:38.0812 7152  MpFilter - ok
22:47:38.0843 7152  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:47:38.0859 7152  mpio - ok
22:47:38.0859 7152  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:47:38.0890 7152  mpsdrv - ok
22:47:38.0937 7152  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:47:38.0968 7152  MpsSvc - ok
22:47:38.0999 7152  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:47:39.0015 7152  MRxDAV - ok
22:47:39.0030 7152  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:47:39.0046 7152  mrxsmb - ok
22:47:39.0046 7152  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:47:39.0061 7152  mrxsmb10 - ok
22:47:39.0077 7152  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:47:39.0093 7152  mrxsmb20 - ok
22:47:39.0108 7152  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:47:39.0124 7152  msahci - ok
22:47:39.0139 7152  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:47:39.0139 7152  msdsm - ok
22:47:39.0171 7152  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:47:39.0171 7152  MSDTC - ok
22:47:39.0202 7152  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:47:39.0233 7152  Msfs - ok
22:47:39.0264 7152  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:47:39.0295 7152  mshidkmdf - ok
22:47:39.0311 7152  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:47:39.0311 7152  msisadrv - ok
22:47:39.0342 7152  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:47:39.0373 7152  MSiSCSI - ok
22:47:39.0373 7152  msiserver - ok
22:47:39.0405 7152  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:47:39.0436 7152  MSKSSRV - ok
22:47:39.0514 7152  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:47:39.0514 7152  MsMpSvc - ok
22:47:39.0545 7152  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:47:39.0576 7152  MSPCLOCK - ok
22:47:39.0576 7152  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:47:39.0607 7152  MSPQM - ok
22:47:39.0623 7152  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:47:39.0639 7152  MsRPC - ok
22:47:39.0654 7152  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:47:39.0670 7152  mssmbios - ok
22:47:39.0685 7152  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:47:39.0717 7152  MSTEE - ok
22:47:39.0717 7152  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:47:39.0732 7152  MTConfig - ok
22:47:39.0748 7152  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:47:39.0763 7152  Mup - ok
22:47:39.0810 7152  [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:47:39.0826 7152  MyWiFiDHCPDNS - ok
22:47:39.0857 7152  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:47:39.0888 7152  napagent - ok
22:47:39.0919 7152  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:47:39.0951 7152  NativeWifiP - ok
22:47:40.0013 7152  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:47:40.0029 7152  NDIS - ok
22:47:40.0060 7152  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:47:40.0091 7152  NdisCap - ok
22:47:40.0122 7152  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:47:40.0153 7152  NdisTapi - ok
22:47:40.0185 7152  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:47:40.0216 7152  Ndisuio - ok
22:47:40.0231 7152  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:47:40.0263 7152  NdisWan - ok
22:47:40.0278 7152  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:47:40.0309 7152  NDProxy - ok
22:47:40.0325 7152  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:47:40.0356 7152  NetBIOS - ok
22:47:40.0372 7152  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:47:40.0403 7152  NetBT - ok
22:47:40.0419 7152  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:47:40.0419 7152  Netlogon - ok
22:47:40.0465 7152  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:47:40.0497 7152  Netman - ok
22:47:40.0543 7152  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:47:40.0559 7152  NetMsmqActivator - ok
22:47:40.0559 7152  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:47:40.0575 7152  NetPipeActivator - ok
22:47:40.0606 7152  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:47:40.0653 7152  netprofm - ok
22:47:40.0668 7152  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:47:40.0668 7152  NetTcpActivator - ok
22:47:40.0668 7152  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:47:40.0684 7152  NetTcpPortSharing - ok
22:47:40.0933 7152  [ 47DC062656EA661FE9175DBACAD00E9D ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
22:47:41.0058 7152  NETwNs64 - ok
22:47:41.0089 7152  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:47:41.0105 7152  nfrd960 - ok
22:47:41.0152 7152  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:47:41.0152 7152  NisDrv - ok
22:47:41.0199 7152  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
22:47:41.0214 7152  NisSrv - ok
22:47:41.0230 7152  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:47:41.0245 7152  NlaSvc - ok
22:47:41.0277 7152  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:47:41.0308 7152  Npfs - ok
22:47:41.0339 7152  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:47:41.0370 7152  nsi - ok
22:47:41.0386 7152  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:47:41.0417 7152  nsiproxy - ok
22:47:41.0495 7152  [ B8965FB53551B5455630A4B804D0791F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:47:41.0526 7152  Ntfs - ok
22:47:41.0557 7152  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:47:41.0589 7152  Null - ok
22:47:41.0807 7152  [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:47:41.0979 7152  nvlddmkm - ok
22:47:42.0010 7152  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:47:42.0025 7152  nvraid - ok
22:47:42.0057 7152  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:47:42.0057 7152  nvstor - ok
22:47:42.0088 7152  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:47:42.0103 7152  nv_agp - ok
22:47:42.0135 7152  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:47:42.0135 7152  ohci1394 - ok
22:47:42.0181 7152  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:47:42.0197 7152  ose - ok
22:47:42.0322 7152  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:47:42.0400 7152  osppsvc - ok
22:47:42.0415 7152  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:47:42.0431 7152  p2pimsvc - ok
22:47:42.0462 7152  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:47:42.0462 7152  p2psvc - ok
22:47:42.0493 7152  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
22:47:42.0509 7152  Parport - ok
22:47:42.0540 7152  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:47:42.0540 7152  partmgr - ok
22:47:42.0571 7152  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:47:42.0587 7152  PcaSvc - ok
22:47:42.0618 7152  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:47:42.0618 7152  pci - ok
22:47:42.0649 7152  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:47:42.0665 7152  pciide - ok
22:47:42.0681 7152  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:47:42.0696 7152  pcmcia - ok
22:47:42.0712 7152  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:47:42.0727 7152  pcw - ok
22:47:42.0743 7152  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:47:42.0790 7152  PEAUTH - ok
22:47:42.0899 7152  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:47:42.0899 7152  PerfHost - ok
22:47:42.0946 7152  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:47:42.0993 7152  pla - ok
22:47:43.0039 7152  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:47:43.0055 7152  PlugPlay - ok
22:47:43.0133 7152  [ 9C4D0DE187CBC24F658C52EFC93B1C73 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
22:47:43.0149 7152  PMBDeviceInfoProvider - ok
22:47:43.0164 7152  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:47:43.0180 7152  PNRPAutoReg - ok
22:47:43.0195 7152  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:47:43.0211 7152  PNRPsvc - ok
22:47:43.0242 7152  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:47:43.0289 7152  PolicyAgent - ok
22:47:43.0289 7152  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:47:43.0336 7152  Power - ok
22:47:43.0351 7152  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:47:43.0383 7152  PptpMiniport - ok
22:47:43.0398 7152  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
22:47:43.0414 7152  Processor - ok
22:47:43.0429 7152  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:47:43.0445 7152  ProfSvc - ok
22:47:43.0461 7152  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:47:43.0476 7152  ProtectedStorage - ok
22:47:43.0507 7152  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:47:43.0539 7152  Psched - ok
22:47:43.0570 7152  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
22:47:43.0570 7152  PxHlpa64 - ok
22:47:43.0648 7152  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:47:43.0679 7152  ql2300 - ok
22:47:43.0695 7152  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:47:43.0695 7152  ql40xx - ok
22:47:43.0726 7152  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:47:43.0741 7152  QWAVE - ok
22:47:43.0757 7152  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:47:43.0773 7152  QWAVEdrv - ok
22:47:43.0788 7152  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:47:43.0819 7152  RasAcd - ok
22:47:43.0851 7152  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:47:43.0882 7152  RasAgileVpn - ok
22:47:43.0897 7152  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:47:43.0929 7152  RasAuto - ok
22:47:43.0944 7152  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:47:43.0975 7152  Rasl2tp - ok
22:47:44.0007 7152  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:47:44.0038 7152  RasMan - ok
22:47:44.0053 7152  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:47:44.0085 7152  RasPppoe - ok
22:47:44.0116 7152  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:47:44.0163 7152  RasSstp - ok
22:47:44.0178 7152  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:47:44.0209 7152  rdbss - ok
22:47:44.0225 7152  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:47:44.0241 7152  rdpbus - ok
22:47:44.0256 7152  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:47:44.0303 7152  RDPCDD - ok
22:47:44.0303 7152  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:47:44.0334 7152  RDPENCDD - ok
22:47:44.0350 7152  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:47:44.0381 7152  RDPREFMP - ok
22:47:44.0412 7152  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:47:44.0412 7152  RDPWD - ok
22:47:44.0459 7152  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:47:44.0475 7152  rdyboost - ok
22:47:44.0521 7152  [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:47:44.0537 7152  RegSrvc - ok
22:47:44.0553 7152  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:47:44.0584 7152  RemoteAccess - ok
22:47:44.0615 7152  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:47:44.0646 7152  RemoteRegistry - ok
22:47:44.0693 7152  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:47:44.0709 7152  RFCOMM - ok
22:47:44.0755 7152  [ 76157F737959CECF9AC4AE5783493075 ] rimssne         C:\Windows\system32\DRIVERS\rimssne64.sys
22:47:44.0771 7152  rimssne - ok
22:47:44.0771 7152  [ 0D45CECAAAB65E5598E8DD8BBD2CBDD2 ] risdsnxc        C:\Windows\system32\DRIVERS\risdsnxc64.sys
22:47:44.0787 7152  risdsnxc - ok
22:47:44.0802 7152  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:47:44.0849 7152  RpcEptMapper - ok
22:47:44.0865 7152  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:47:44.0880 7152  RpcLocator - ok
22:47:44.0896 7152  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:47:44.0943 7152  RpcSs - ok
22:47:44.0974 7152  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:47:45.0005 7152  rspndr - ok
22:47:45.0036 7152  [ 39A719875F572241C585A629EE62EB14 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:47:45.0052 7152  RTL8167 - ok
22:47:45.0099 7152  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:47:45.0099 7152  SamSs - ok
22:47:45.0130 7152  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:47:45.0145 7152  sbp2port - ok
22:47:45.0177 7152  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:47:45.0208 7152  SCardSvr - ok
22:47:45.0223 7152  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:47:45.0255 7152  scfilter - ok
22:47:45.0286 7152  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:47:45.0317 7152  Schedule - ok
22:47:45.0395 7152  SCManager - ok
22:47:45.0411 7152  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:47:45.0457 7152  SCPolicySvc - ok
22:47:45.0489 7152  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
22:47:45.0504 7152  sdbus - ok
22:47:45.0535 7152  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:47:45.0551 7152  SDRSVC - ok
22:47:45.0567 7152  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:47:45.0598 7152  secdrv - ok
22:47:45.0613 7152  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:47:45.0645 7152  seclogon - ok
22:47:45.0676 7152  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:47:45.0707 7152  SENS - ok
22:47:45.0738 7152  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:47:45.0738 7152  SensrSvc - ok
22:47:45.0754 7152  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:47:45.0769 7152  Serenum - ok
22:47:45.0801 7152  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
22:47:45.0816 7152  Serial - ok
22:47:45.0832 7152  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:47:45.0847 7152  sermouse - ok
22:47:45.0879 7152  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:47:45.0910 7152  SessionEnv - ok
22:47:45.0941 7152  [ 85D0F874734C105D02280B39BF0AD23F ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
22:47:45.0957 7152  SFEP - ok
22:47:45.0972 7152  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:47:45.0988 7152  sffdisk - ok
22:47:45.0988 7152  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:47:46.0003 7152  sffp_mmc - ok
22:47:46.0003 7152  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:47:46.0019 7152  sffp_sd - ok
22:47:46.0019 7152  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:47:46.0035 7152  sfloppy - ok
22:47:46.0066 7152  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:47:46.0097 7152  SharedAccess - ok
22:47:46.0128 7152  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:47:46.0159 7152  ShellHWDetection - ok
22:47:46.0206 7152  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:47:46.0206 7152  SiSRaid2 - ok
22:47:46.0222 7152  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:47:46.0237 7152  SiSRaid4 - ok
22:47:46.0315 7152  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:47:46.0315 7152  SkypeUpdate - ok
22:47:46.0347 7152  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:47:46.0393 7152  Smb - ok
22:47:46.0425 7152  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:47:46.0440 7152  SNMPTRAP - ok
22:47:46.0518 7152  [ 4AEA7A1C3CA06D95D6966C34D13C0D8B ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
22:47:46.0534 7152  SOHCImp - ok
22:47:46.0549 7152  [ 16FD95781117E13107D477AE36219E6F ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
22:47:46.0549 7152  SOHDs - ok
22:47:46.0596 7152  [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
22:47:46.0596 7152  Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - warning
22:47:46.0596 7152  Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic (1)
22:47:46.0643 7152  [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
22:47:46.0659 7152  SpfService - ok
22:47:46.0690 7152  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:47:46.0690 7152  spldr - ok
22:47:46.0721 7152  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
22:47:46.0737 7152  Spooler - ok
22:47:46.0830 7152  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:47:46.0893 7152  sppsvc - ok
22:47:46.0908 7152  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:47:46.0939 7152  sppuinotify - ok
22:47:46.0955 7152  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:47:46.0971 7152  srv - ok
22:47:47.0002 7152  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:47:47.0018 7152  srv2 - ok
22:47:47.0033 7152  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:47:47.0049 7152  srvnet - ok
22:47:47.0080 7152  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:47:47.0127 7152  SSDPSRV - ok
22:47:47.0127 7152  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:47:47.0158 7152  SstpSvc - ok
22:47:47.0174 7152  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:47:47.0189 7152  stexstor - ok
22:47:47.0220 7152  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:47:47.0252 7152  stisvc - ok
22:47:47.0267 7152  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:47:47.0267 7152  swenum - ok
22:47:47.0298 7152  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:47:47.0345 7152  swprv - ok
22:47:47.0392 7152  [ A7B18B920901CD5E11B196869C6F9F0E ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:47:47.0408 7152  SynTP - ok
22:47:47.0454 7152  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:47:47.0486 7152  SysMain - ok
22:47:47.0501 7152  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:47:47.0532 7152  TabletInputService - ok
22:47:47.0548 7152  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:47:47.0579 7152  TapiSrv - ok
22:47:47.0595 7152  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:47:47.0642 7152  TBS - ok
22:47:47.0704 7152  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:47:47.0735 7152  Tcpip - ok
22:47:47.0782 7152  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:47:47.0829 7152  TCPIP6 - ok
22:47:47.0860 7152  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:47:47.0876 7152  tcpipreg - ok
22:47:47.0891 7152  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:47:47.0907 7152  TDPIPE - ok
22:47:47.0922 7152  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:47:47.0938 7152  TDTCP - ok
22:47:47.0954 7152  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:47:47.0985 7152  tdx - ok
22:47:48.0000 7152  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:47:48.0016 7152  TermDD - ok
22:47:48.0047 7152  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:47:48.0094 7152  TermService - ok
22:47:48.0094 7152  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:47:48.0110 7152  Themes - ok
22:47:48.0141 7152  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:47:48.0172 7152  THREADORDER - ok
22:47:48.0203 7152  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:47:48.0234 7152  TrkWks - ok
22:47:48.0281 7152  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:47:48.0312 7152  TrustedInstaller - ok
22:47:48.0328 7152  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:47:48.0359 7152  tssecsrv - ok
22:47:48.0375 7152  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:47:48.0390 7152  TsUsbFlt - ok
22:47:48.0406 7152  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:47:48.0406 7152  TsUsbGD - ok
22:47:48.0437 7152  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:47:48.0468 7152  tunnel - ok
22:47:48.0468 7152  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:47:48.0484 7152  uagp35 - ok
22:47:48.0500 7152  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:47:48.0546 7152  udfs - ok
22:47:48.0593 7152  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:47:48.0593 7152  UI0Detect - ok
22:47:48.0624 7152  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:47:48.0640 7152  uliagpkx - ok
22:47:48.0656 7152  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:47:48.0656 7152  umbus - ok
22:47:48.0687 7152  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:47:48.0687 7152  UmPass - ok
22:47:48.0765 7152  [ D80B1075B69B57A3AB78F750CE463ECE ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:47:48.0780 7152  UNS - ok
22:47:48.0812 7152  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:47:48.0843 7152  upnphost - ok
22:47:48.0874 7152  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:47:48.0890 7152  usbccgp - ok
22:47:48.0921 7152  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:47:48.0921 7152  usbcir - ok
22:47:48.0936 7152  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:47:48.0952 7152  usbehci - ok
22:47:48.0983 7152  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:47:48.0999 7152  usbhub - ok
22:47:48.0999 7152  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:47:49.0014 7152  usbohci - ok
22:47:49.0046 7152  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:47:49.0061 7152  usbprint - ok
22:47:49.0077 7152  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:47:49.0092 7152  USBSTOR - ok
22:47:49.0092 7152  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:47:49.0108 7152  usbuhci - ok
22:47:49.0124 7152  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
22:47:49.0139 7152  usbvideo - ok
22:47:49.0155 7152  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:47:49.0186 7152  UxSms - ok
22:47:49.0233 7152  [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
22:47:49.0248 7152  VAIO Event Service - ok
22:47:49.0326 7152  [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
22:47:49.0358 7152  VAIO Power Management - ok
22:47:49.0358 7152  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:47:49.0373 7152  VaultSvc - ok
22:47:49.0436 7152  [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
22:47:49.0451 7152  VCFw - ok
22:47:49.0514 7152  [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
22:47:49.0529 7152  VcmIAlzMgr - ok
22:47:49.0576 7152  [ FD5BD55C1854208BC9C51DBCFC3C1941 ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
22:47:49.0592 7152  VcmINSMgr - ok
22:47:49.0623 7152  [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
22:47:49.0638 7152  VcmXmlIfHelper - ok
22:47:49.0701 7152  [ 9F2D25FA154A32C8C80420A46FBBF815 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
22:47:49.0701 7152  VCService - ok
22:47:49.0732 7152  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:47:49.0732 7152  vdrvroot - ok
22:47:49.0763 7152  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:47:49.0794 7152  vds - ok
22:47:49.0826 7152  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:47:49.0841 7152  vga - ok
22:47:49.0857 7152  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:47:49.0888 7152  VgaSave - ok
22:47:49.0904 7152  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:47:49.0919 7152  vhdmp - ok
22:47:49.0935 7152  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:47:49.0950 7152  viaide - ok
22:47:49.0966 7152  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:47:49.0982 7152  volmgr - ok
22:47:49.0997 7152  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:47:50.0013 7152  volmgrx - ok
22:47:50.0028 7152  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:47:50.0044 7152  volsnap - ok
22:47:50.0091 7152  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:47:50.0106 7152  vsmraid - ok
22:47:50.0169 7152  [ 809E14B31DCB9BA57F700232FB63AB28 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
22:47:50.0200 7152  VSNService - ok
22:47:50.0247 7152  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:47:50.0294 7152  VSS - ok
22:47:50.0372 7152  [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent         C:\Program Files\Sony\VAIO Update\VUAgent.exe
22:47:50.0403 7152  VUAgent - ok
22:47:50.0418 7152  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:47:50.0434 7152  vwifibus - ok
22:47:50.0465 7152  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:47:50.0481 7152  vwififlt - ok
22:47:50.0496 7152  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:47:50.0512 7152  vwifimp - ok
22:47:50.0559 7152  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:47:50.0637 7152  W32Time - ok
22:47:50.0668 7152  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:47:50.0684 7152  WacomPen - ok
22:47:50.0730 7152  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:47:50.0762 7152  WANARP - ok
22:47:50.0762 7152  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:47:50.0793 7152  Wanarpv6 - ok
22:47:50.0855 7152  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:47:50.0886 7152  WatAdminSvc - ok
22:47:50.0933 7152  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:47:50.0964 7152  wbengine - ok
22:47:50.0980 7152  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:47:50.0996 7152  WbioSrvc - ok
22:47:51.0027 7152  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:47:51.0042 7152  wcncsvc - ok
22:47:51.0058 7152  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:47:51.0058 7152  WcsPlugInService - ok
22:47:51.0089 7152  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
22:47:51.0089 7152  Wd - ok
22:47:51.0136 7152  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:47:51.0167 7152  Wdf01000 - ok
22:47:51.0167 7152  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:47:51.0198 7152  WdiServiceHost - ok
22:47:51.0198 7152  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:47:51.0214 7152  WdiSystemHost - ok
22:47:51.0245 7152  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:47:51.0261 7152  WebClient - ok
22:47:51.0276 7152  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:47:51.0308 7152  Wecsvc - ok
22:47:51.0339 7152  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:47:51.0370 7152  wercplsupport - ok
22:47:51.0401 7152  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:47:51.0432 7152  WerSvc - ok
22:47:51.0464 7152  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:47:51.0495 7152  WfpLwf - ok
22:47:51.0526 7152  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:47:51.0526 7152  WIMMount - ok
22:47:51.0542 7152  WinDefend - ok
22:47:51.0557 7152  WinHttpAutoProxySvc - ok
22:47:51.0604 7152  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:47:51.0635 7152  Winmgmt - ok
22:47:51.0698 7152  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
22:47:51.0744 7152  WinRM - ok
22:47:51.0791 7152  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:47:51.0807 7152  Wlansvc - ok
22:47:51.0869 7152  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:47:51.0869 7152  wlcrasvc - ok
22:47:51.0963 7152  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:47:51.0994 7152  wlidsvc - ok
22:47:52.0025 7152  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:47:52.0025 7152  WmiAcpi - ok
22:47:52.0056 7152  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:47:52.0072 7152  wmiApSrv - ok
22:47:52.0103 7152  WMPNetworkSvc - ok
22:47:52.0119 7152  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:47:52.0134 7152  WPCSvc - ok
22:47:52.0150 7152  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:47:52.0166 7152  WPDBusEnum - ok
22:47:52.0181 7152  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:47:52.0212 7152  ws2ifsl - ok
22:47:52.0228 7152  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
22:47:52.0244 7152  wscsvc - ok
22:47:52.0244 7152  WSearch - ok
22:47:52.0322 7152  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:47:52.0353 7152  wuauserv - ok
22:47:52.0400 7152  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:47:52.0415 7152  WudfPf - ok
22:47:52.0462 7152  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:47:52.0478 7152  WUDFRd - ok
22:47:52.0493 7152  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:47:52.0493 7152  wudfsvc - ok
22:47:52.0524 7152  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:47:52.0540 7152  WwanSvc - ok
22:47:52.0618 7152  [ 74713CB32792F9C7632DAA7DA22CA974 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
22:47:52.0634 7152  ZeroConfigService - ok
22:47:52.0665 7152  ================ Scan global ===============================
22:47:52.0696 7152  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:47:52.0727 7152  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:47:52.0727 7152  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:47:52.0743 7152  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:47:52.0774 7152  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:47:52.0774 7152  [Global] - ok
22:47:52.0774 7152  ================ Scan MBR ==================================
22:47:52.0790 7152  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:47:52.0930 7152  \Device\Harddisk0\DR0 - ok
22:47:52.0930 7152  ================ Scan VBR ==================================
22:47:52.0946 7152  [ 82947831F7C9A487BF59E32E7DD827B6 ] \Device\Harddisk0\DR0\Partition1
22:47:52.0946 7152  \Device\Harddisk0\DR0\Partition1 - ok
22:47:52.0961 7152  [ EE59F1C4E4778248B84F46B0D7F06853 ] \Device\Harddisk0\DR0\Partition2
22:47:52.0961 7152  \Device\Harddisk0\DR0\Partition2 - ok
22:47:52.0977 7152  [ E4AD0E98DF70F1B0B419D7EBEBD0A781 ] \Device\Harddisk0\DR0\Partition3
22:47:52.0977 7152  \Device\Harddisk0\DR0\Partition3 - ok
22:47:52.0992 7152  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
22:47:52.0992 7152  \Device\Harddisk0\DR0\Partition4 - ok
22:47:53.0008 7152  [ 4F03F06F7D12262502ABEF96473520A6 ] \Device\Harddisk0\DR0\Partition5
22:47:53.0008 7152  \Device\Harddisk0\DR0\Partition5 - ok
22:47:53.0008 7152  ============================================================
22:47:53.0008 7152  Scan finished
22:47:53.0008 7152  ============================================================
22:47:53.0008 0916  Detected object count: 1
22:47:53.0008 0916  Actual detected object count: 1
22:48:07.0282 0916  Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:48:07.0282 0916  Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:48:10.0776 6384  Deinitialize success
         
Wie soll ich weiter verfahren?
Danke für deine Hilfe!
MS

Alt 25.04.2013, 12:18   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 25.04.2013, 17:46   #8
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Hi,

hier die Logdateien:

1. Malwarebytes:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.25.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
ms :: BOERTA [Administrator]

25.04.2013 14:42:17
mbam-log-2013-04-25 (14-42-17).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 214414
Laufzeit: 5 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
2. ESET:


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c9f3f901e755de4c9caea55d150933f2
# engine=13693
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-25 03:32:48
# local_time=2013-04-25 05:32:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 31939995 118533818 0 0
# scanned=203170
# found=0
# cleaned=0
# scan_time=8893
         

Scheint für das Laienauge gut zu sein!

Was sagst du?
Danke,
MS.

Alt 25.04.2013, 22:50   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 26.04.2013, 18:35   #10
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Es gibt zur Zeit keine erkennbaren Probleme mehr!

Danke für deine Tips! Ich habe MVPS installiert und werde mir den Rest noch anschauen.
Ich verstehe nur nicht...Hatte ich ein Problem mit Cookies? Ich dachte, ich hätte mir irgendeine Malware bei einem Download mit runter geladen? Kann ich dagegen irgendwie vorbeugen...außer nur von vertrauenswürdigen Seiten runterladen? Ich dachte, das hätte ich getan. Aber anscheinend habe ich mich geirrt.

Herzlichen Dank nochmal für deine Hilfe!

MS.

Alt 26.04.2013, 23:57   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Dann wären wir durch!


Falls du noch Lob oder Kritik loswerden möchtest => http://www.trojaner-board.de/lob-kritik-wuensche/



Die Programme, die hier zum Einsatz kamen, können alle wieder runter.

Combofix entfernen (nur relevant wenn es hier benutzt wurde!) : Start/Ausführen (Tastenkombination WIN+R), dort den Befehl combofix /uninstall eintippen und ausführen

Mit Hilfe von OTL kannst du auch viele andere Tools entfernen: Starte dazu einfach OTL und klicke auf Bereinigung.
Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen.

Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken.


Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate
Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.
Windows Vista/7: Start, Systemsteuerung, Windows-Update


PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:
Prüfen => Adobe - Flash Player
Downloadlinks findest du hier => Browsers and Plugins - FilePony.de

Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.


Java-Update
Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.04.2013, 01:48   #12
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Spitze, danke!

Natürlich werde ich noch Feedback abgeben und das Forum diesmal auch finanziell unterstützen. Bei der Frequenz mit der ich euch behellige, ist das durchaus angebracht!

Dann mach ich mich mal an deine weiteren Sicherheitstips und hoffe, dass ich mich nicht sobald wieder melden muss!

LG
MS.

Alt 29.04.2013, 16:34   #13
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Hallo cosinus,

ich muss mich leider nochmal melden. Ich weiß gar nicht, ob das Thema "beendet" ist und damit nicht mehr beachtet wird, aber ich probier es mal.

Das "Yahoo"-Ding bin ich offensichtlich immer noch nicht los. Ich hab heute eine Url ohne .com eingegeben. Ich wurde sofort auf die Yahoo-Suchseite weitergeleitet. Ich habe es jetzt erst bemerkt, weil ich meine gesamten Verlauf, Cookies, Anmeldungsdaten etc gelöscht habe und die Autovervollständigung nicht mehr möglich war.
Zuvor wurde ich in solchen Fällen auf die Google-Seite weitergeleitet.

Was kann da sein? Was soll ich noch machen!

LG MS.

Alt 29.04.2013, 16:37   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Klick doch mal im Suchfeld auf den kleinen Pfeil neben der eigestellten Suchmaschine und dann Suchmaschinen verwalten...dort yahoo rausnehmen wenns denn so nervt!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.04.2013, 16:43   #15
hilflos001
 
Yahoo.com plötzlich als Startseite - Standard

Yahoo.com plötzlich als Startseite



Wow, das ging ja schnell.
Wegen Nerven wärs nicht...Ich hab nur Sorge, etwas zurück behalten zu haben.
Bei diesem Suchfeld habe ich Yahoo schon entfernt, bevor ich diesen Thread gestartet habe. Sofort nachdem ich Unregelmäßigkeiten bemerkt habe. Yahoo wird dort auch nicht mehr als Suchmaschine gelistet.

Wenn du meinst, das macht nichts, ist es mir egal, dann lass ich es einfach so, aber ich habe ein gewisses Misstrauen bei der Verwendung meines Rechners. Ich weiß ja nicht, was sich da alles noch verstecken kann.

Jedenfalls danke für Deine Hilfe!
MS.

Antwort

Themen zu Yahoo.com plötzlich als Startseite
adobe, adobe flash player, application/pdf:, autorun, bho, bingbar, error, escan, firefox, flash player, format, harddisk, home, igdpmd64.sys, leitet, logfile, microsoft, monitor.exe, programme, prozess, realtek, registry, security, senden, spyware, taskhost.exe, temp, tracker, usb, wildtangent games, windows, yahoo toolbar, yahoo.com



Ähnliche Themen: Yahoo.com plötzlich als Startseite


  1. Yahoo Toolbar
    Plagegeister aller Art und deren Bekämpfung - 18.09.2015 (17)
  2. yahoo suche (startseite + neuer tab) in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 14.09.2015 (25)
  3. Yahoo startseite eingefangen und nicht mehr los zu werden.
    Plagegeister aller Art und deren Bekämpfung - 14.08.2015 (3)
  4. Yahoo Startseite eingefangen
    Plagegeister aller Art und deren Bekämpfung - 22.06.2015 (17)
  5. Windows 8.1: Startseite im Browser wird auf Yahoo umgeleitet, Webseiten blenden Werbung von Strong Signal ein
    Log-Analyse und Auswertung - 08.06.2015 (9)
  6. Plötzlich Software "picexa.exe" installiert, "delta-homes.com" als Startseite in sämtlichen Browsern
    Log-Analyse und Auswertung - 10.04.2015 (11)
  7. name@yahoo.com Spam
    Überwachung, Datenschutz und Spam - 04.12.2014 (8)
  8. Neue Startseite bei Firefox plötzlich webssearches.com
    Plagegeister aller Art und deren Bekämpfung - 11.04.2014 (9)
  9. Spigot-Infektion des Browsers (Startseite: http://ch.search.yahoo.com/?type=198484&fr=spigot-yhp-ie)
    Log-Analyse und Auswertung - 29.03.2014 (15)
  10. Windows 7: Browser Startseite ist unveränderbar yahoo ...mit spigot
    Log-Analyse und Auswertung - 19.01.2014 (6)
  11. Yahoo als Virenschleuder: Yahoo.com griff europäische Besucher an
    Nachrichten - 06.01.2014 (0)
  12. ungewollte Spigot Yahoo search Startseite
    Plagegeister aller Art und deren Bekämpfung - 13.12.2013 (21)
  13. Firefox macht sich selbständig (extrem viele Fenster, plötzlich öffnende Startseite)
    Plagegeister aller Art und deren Bekämpfung - 23.11.2013 (21)
  14. Startseite ist nicht mehr Startseite
    Log-Analyse und Auswertung - 17.10.2013 (5)
  15. Yahoo Toolbar
    Plagegeister aller Art und deren Bekämpfung - 12.08.2013 (7)
  16. Startseite hat sich plötzlich verändert
    Log-Analyse und Auswertung - 01.10.2006 (6)
  17. wrs.yahoo.com
    Plagegeister aller Art und deren Bekämpfung - 06.09.2006 (2)

Zum Thema Yahoo.com plötzlich als Startseite - Hallo, ich bin leider schon wieder auf eure Hilfe angewiesen und hoffe, ihr leitet mich wieder so nett durch den ganzen Prozess durch wie beim ersten Mal. Wie im Betreff - Yahoo.com plötzlich als Startseite...
Archiv
Du betrachtest: Yahoo.com plötzlich als Startseite auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.