Plagegeister aller Art und deren Bekämpfung: Payment reminder with attachment handyshop.de

08.05.2013, 12:43   #1
janek911
 

Hello,

I didn't want to open a new thread, so I'm asking here.
I have the same problem as colleague Ak-double1, except that my wife ran the MSDOS.exe file that was attached to the email.
I have Windows 8 64-bit on the laptop.
The virus scanner in use is Bitdefender 2013.
I saved the packed MSDOS file to the desktop and immediately checked my system with Bitdefender.
No viruses found.

After that I also ran a full scan with Malwarebytes and ESET Online.
With Malwarebytes the system was clean; after a 6-hour scan ESET found a virus, Win32/Trustezeb.C, in the saved MSDOS.exe file on the desktop, otherwise everything was clean.
I uploaded the infected file to Virustotal.com.
There were 13 hits out of 48, with different virus names.
Could it be that Win 8 did not execute the file at all?
After all these scans, can I now be sure that my system is clean?

What do the experts say?
Many thanks in advance.

Regards

janek

(edit)
However, we have a rule here that everyone seeking help opens a new thread. That is why your post is being turned into its own thread.

cosinus
(/edit)

Edited by cosinus (08.05.2013 at 12:58)

08.05.2013, 13:41   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
After a 6-hour scan ESET found a virus, Win32/Trustezeb.C, in the saved MSDOS.exe file on the desktop, otherwise everything was clean.
Please always post the logs as well, and please also post the VirusTotal link for this file.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.
__________________

08.05.2013, 13:57   #3
janek911
 

Here is the ESET log
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=176b80706947ca4dba6445b154e3fb9b
# engine=13779
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-08 10:50:58
# local_time=2013-05-08 12:50:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5893 16776574 100 94 4042353 27516369 0 0
# scanned=228721
# found=1
# cleaned=0
# scan_time=20514
sh=0A0A2A0D7B209F842F92E6A8AAEBAAFE5BDE9579 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C trojan" ac=I fn="C:\Users\Marko\Desktop\Mahngebühren 07.05.2013 Rechnungsdaten.zip"
         
and the link to Virustotal.com:

https://www.virustotal.com/de/file/e15378cca0354a65a969da9b5858948be0528d954ab97df79024bbbf1b7fb5ae/analysis/

I hope that my system is clean.

Regards
janek
__________________
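A small parser for the ESET Online Scanner log layout posted above, added here as an example; it is not part of the original posts and not ESET's own tooling. The sample log is constructed (placeholder hash and path), and the meaning of the fields (`found`, `cleaned`, `end`, `vn` as detection name, `fn` as file path) is assumed from their names.

```python
import re

# Constructed sample in the layout of the log posted in this thread.
# The hash and the path are placeholders, not values from the thread.
SAMPLE_LOG = r'''ESETSmartInstaller@High as downloader log:
all ok
# version=8
# end=finished
# remove_checked=false
# archives_checked=true
# scanned=228721
# found=1
# cleaned=0
# scan_time=20514
sh=0000000000000000000000000000000000000000 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C trojan" ac=I fn="C:\Users\Example\Desktop\Mahnung Rechnungsdaten.zip"
'''

HEADER_RE = re.compile(r'^#\s*(\w+)=(.*)$')      # "# key=value" summary lines
PAIR_RE = re.compile(r'(\w+)=("[^"]*"|\S*)')     # key=value, value may be quoted

ARCHIVE_EXT = ('.zip', '.rar', '.7z')


def parse_eset_log(text):
    """Return (header dict, list of detection dicts) from the log text."""
    header, detections = {}, []
    for line in text.splitlines():
        line = line.strip()
        m = HEADER_RE.match(line)
        if m:
            header[m.group(1)] = m.group(2).strip().strip('"')
        elif line.startswith('sh='):
            # Detection lines hold space-separated pairs; quoted values
            # (detection name, file path) may themselves contain spaces.
            detections.append({k: v.strip('"') for k, v in PAIR_RE.findall(line)})
    return header, detections


def triage(header, detections):
    """Turn the parsed log into short findings a helper would check first."""
    findings = []
    found = int(header.get('found', 0))
    cleaned = int(header.get('cleaned', 0))
    if header.get('end') != 'finished':
        findings.append('scan did not finish; results are incomplete')
    if found != len(detections):
        findings.append(
            f'header reports {found} detection(s) but {len(detections)} '
            'detection line(s) are present (log truncated?)')
    if found > cleaned:
        findings.append(
            f'{found - cleaned} detected object(s) were not cleaned and are still on disk')
    for d in detections:
        path = d.get('fn', '')
        where = 'archive at rest' if path.lower().endswith(ARCHIVE_EXT) else 'file'
        findings.append(f"{d.get('vn', '?')} in {where}: {path}")
    return findings


if __name__ == '__main__':
    hdr, dets = parse_eset_log(SAMPLE_LOG)
    for item in triage(hdr, dets):
        print('-', item)
```

A hit that sits only in the saved archive, with nothing cleaned, shows that the attachment is still on disk; it does not by itself show whether the extracted executable was run.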

08.05.2013, 14:03   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hm, Bitdefender does seem to detect the file already. The question is whether your Bitdefender was already up to date enough.


Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read carefully the instructions that I will post over the course of this thread. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please run only scans that a helper has asked you to run! Do not install / uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make my evaluation harder!

  • The logs of the assigned tools, such as Malwarebytes, must always be posted, regardless of whether anything was found or not!

  • Please also note => Deleting log files and other requests

Note:
If you don't hear from me for three days, please report in this thread => Reminder about my thread.
Annoying "When will it continue" messages end with your topic being closed. I, too, have a life outside the Trojaner-Board.


First, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • Tick the box at the top centre for Scan all users
  • At the top you will find a box labelled Output. Please choose Minimal Output
  • Under Extra Registry, please choose Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread in CODE tags.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


08.05.2013, 15:35   #5
janek911
 

So,

I uploaded the file to virustotal.com yesterday and today.
Yesterday Bitdefender did not detect it; today, when I checked the file again, it raised the alarm:
Trojan.GenericKD.978772
Here are the OTL logs:

Otl.txt
Code:
OTL logfile created on: 08.05.2013 16:21:37 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marko\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 6,05 Gb Available Physical Memory | 76,18% Memory free
9,14 Gb Paging File | 6,06 Gb Available in Paging File | 66,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 429,66 Gb Total Space | 235,13 Gb Free Space | 54,73% Space Free | Partition Type: NTFS
 
Computer Name: MARCO | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Marko\Desktop\otl.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Users\Marko\AppData\Roaming\Dropbox\bin\dropbox.exe (Dropbox, Inc.)
PRC - c:\program files (x86)\google\update\1.3.21.135\googlecrashhandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\vesmgrsub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\isbmgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe ()
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\pmbvolumewatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\cnmnsst.exe (CANON INC.)
PRC - C:\Program Files (x86)\SlySoft\CloneCD\clonecdtray.exe (SlySoft, Inc.)
PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Sony\VAIO Care\listener.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (mfeicfcoreocp) -- C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe File not found
SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe ()
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (NetworkSupport) -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (SafeBox) -- C:\Programme\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Bitdefender)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (VMLiteService) -- C:\Programme\VMLite\VMLite Workstation\VMLiteService.exe (VMLite, Inc.)
SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (OpenSSHd) -- C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avc3) -- C:\Windows\SysNative\Drivers\avc3.sys (BitDefender)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\Drivers\avckf.sys (BitDefender)
DRV:64bit: - (gzflt) -- C:\Windows\SysNative\Drivers\gzflt.sys (BitDefender LLC)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\Drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (TVICHW32) -- C:\Windows\SysNative\Drivers\TVicHW32.sys (EnTech Taiwan)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_VDP) -- C:\Windows\SysNative\Drivers\btath_vdp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\Drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\Drivers\lmimirr.sys (LogMeIn, Inc.)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\Drivers\avchv.sys (BitDefender)
DRV:64bit: - (trufos) -- C:\Windows\SysNative\Drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\Drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (BDVEDISK) -- C:\Windows\SysNative\Drivers\bdvedisk.sys (BitDefender)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\Drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\Drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (bdelam) -- C:\Windows\SysNative\Drivers\bdelam.sys (Bitdefender)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\Drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\Drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\Drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\Drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\Drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (SOWS) -- C:\Windows\SysNative\Drivers\sows.sys (Sony Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\Drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (BazisVirtualCDBus) -- C:\Windows\SysNative\Drivers\BazisVirtualCDBus.sys (SysProgs.org)
DRV:64bit: - (VMLiteUSBMon) -- C:\Windows\SysNative\Drivers\vmliteusbmon.sys (VMLite, Inc.)
DRV:64bit: - (vmlitestor) -- C:\Windows\SysNative\Drivers\vmlitestor.sys (VMLite, Inc.)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys (VMLite, Inc.)
DRV:64bit: - (vmlitedrv) -- C:\Windows\SysNative\Drivers\vmlitedrv.sys (VMLite, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\Drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (BdfNdisf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (TVICHW32) -- C:\Windows\SysWOW64\drivers\TVicHW32.sys (EnTech Taiwan)
DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys (LogMeIn, Inc.)
DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.diesiedleronline.de/de/startseite
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes,DefaultScope = {AE2FE55A-7608-47C7-B864-2B8F719BA3B1}
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{50EFAEF8-9B78-4A78-8B95-D180254CEC32}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{AE2FE55A-7608-47C7-B864-2B8F719BA3B1}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.mydealz.de/"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: crossriderapp16150%40crossrider.com:0.91.39
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..network.proxy.autoconfig_url: "https://secure.premiumize.me/aebe55ce14110e7eaa033cfa2e2f22e3/proxy.pac"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.01.07 21:52:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 19:33:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.07 21:34:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.01.07 21:52:36 | 000,000,000 | ---D | M]
 
[2013.02.09 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions
[2013.02.09 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.05.07 20:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions
[2013.05.07 20:39:50 | 000,000,000 | ---D | M] ("DKB-Cashback") -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions\crossriderapp16150@crossrider.com
[2013.01.07 22:03:33 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions\foxmarks@kei.com
[2013.05.07 20:39:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions\crossriderapp16150@crossrider.com\chrome\content\extensionCode
[2013.05.01 19:52:16 | 000,242,286 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi
[2013.02.14 19:45:55 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.07 21:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 19:33:49 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 11:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 11:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 11:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 11:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 11:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 11:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://sony13.msn.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.6 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Drive = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: DKB-Cashback = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\crossrider
CHR - Extension: DKB-Cashback = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\
CHR - Extension: Google Mail = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DKB-Cashback) - {11111111-1111-1111-1111-110111611150} - C:\Program Files (x86)\DKB-Cashback\DKB-Cashback.dll (dkbbrowserextension)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2775004557-157767295-234458685-1001..\Run: [BrowserChoice] C:\Windows\BrowserChoice\browserchoice.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2775004557-157767295-234458685-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2775004557-157767295-234458685-1001..\Run: [icq] C:\Users\Marko\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marko\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1894D1E-4985-41E1-A93F-16481E55A7A1}: NameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.08 16:19:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
[2013.05.08 07:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.05.07 19:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.07 19:33:00 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\mbar
[2013.05.07 15:17:36 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\DKB-Cashback
[2013.05.07 15:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DKB-Cashback
[2013.05.06 18:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON
[2013.05.04 13:42:10 | 000,000,000 | ---D | C] -- C:\Users\Marko\Documents\My Recorded Scripts
[2013.05.04 13:42:08 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Nemex
[2013.05.04 13:42:06 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Mouse Recorder Pro
[2013.05.04 13:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nemex
[2013.05.04 13:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Recorder Pro 2
[2013.05.03 16:26:43 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Google
[2013.05.03 16:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013.05.03 16:20:31 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Ashampoo
[2013.05.03 16:15:34 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\ashampoo
[2013.05.03 16:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2013.05.03 16:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2013.05.03 16:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2013.05.03 16:14:35 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Programs
[2013.05.03 15:19:04 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Neuer Ordner
[2013.05.01 11:01:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.05.01 11:00:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.05.01 11:00:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.05.01 11:00:50 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.29 18:01:36 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013.04.29 18:01:32 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013.04.23 15:56:56 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\tomi
[2013.04.20 11:04:10 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Medion
[2013.04.13 10:32:42 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2013.04.13 10:32:27 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.04.13 10:32:23 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2013.04.13 10:32:20 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2013.04.13 10:32:13 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2013.04.13 10:32:11 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.13 10:32:11 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2013.04.13 10:32:09 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2013.04.13 10:32:09 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013.04.13 10:32:08 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013.04.13 10:32:08 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BCP47Langs.dll
[2013.04.13 10:32:07 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2013.04.13 10:32:06 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll
[2013.04.13 10:32:06 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll
[2013.04.13 10:32:05 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.04.13 10:32:05 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013.04.13 10:32:05 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\BCP47Langs.dll
[2013.04.13 10:32:04 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2013.04.13 10:32:03 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.13 10:32:01 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.04.13 10:32:01 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll
[2013.04.13 10:32:01 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TimeBrokerServer.dll
[2013.04.13 10:32:00 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.04.13 10:32:00 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013.04.13 10:31:58 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll
[2013.04.13 10:31:58 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll
[2013.04.13 10:31:58 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2013.04.13 10:31:58 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2013.04.13 10:31:57 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2013.04.13 10:31:57 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll
[2013.04.13 10:31:56 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.04.13 10:31:56 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013.04.13 10:31:56 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013.04.13 10:31:55 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2013.04.13 10:31:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2013.04.13 10:31:52 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2013.04.13 10:31:52 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\discan.dll
[2013.04.13 10:31:52 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.04.13 10:31:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.04.13 10:31:51 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2013.04.13 10:31:50 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.04.13 10:31:50 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013.04.13 10:31:50 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.04.13 10:31:49 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.04.13 10:31:49 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NdisImPlatform.dll
[2013.04.13 10:31:48 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013.04.13 10:31:48 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2013.04.13 10:31:48 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2013.04.13 10:31:48 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2013.04.13 10:31:48 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2013.04.13 10:31:48 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.04.13 10:31:48 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storahci.sys
[2013.04.13 10:31:48 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhostex.exe
[2013.04.13 10:31:48 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDPrintProxy.DLL
[2013.04.13 10:31:48 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys
[2013.04.13 10:31:47 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll
[2013.04.13 10:31:46 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013.04.13 10:31:46 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncInfo.dll
[2013.04.13 10:31:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2013.04.13 10:31:44 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.04.13 10:31:44 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll
[2013.04.13 10:31:44 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.04.13 10:31:44 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013.04.13 10:31:43 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013.04.13 10:31:42 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.04.13 10:31:42 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll
[2013.04.11 10:04:40 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.11 10:04:32 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.04.11 10:04:31 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.11 10:04:31 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.11 10:04:29 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.11 10:04:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.11 10:04:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.11 10:04:26 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.11 10:04:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.11 10:04:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.11 10:01:06 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.11 10:00:34 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2013.04.11 10:00:34 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.08 16:19:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
[2013.05.08 16:14:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.08 16:13:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.08 13:03:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.07 20:07:58 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.07 20:06:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.05.07 20:06:55 | 2532,749,311 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.07 20:04:45 | 000,253,404 | -H-- | M] () -- C:\bdr-ld02
[2013.05.07 20:04:45 | 000,009,216 | -H-- | M] () -- C:\bdr-ld02.mbr
[2013.05.07 20:04:45 | 000,000,638 | -H-- | M] () -- C:\bdr-cf02
[2013.05.07 19:47:30 | 000,377,856 | ---- | M] () -- C:\Users\Marko\Desktop\gmer_2.1.19163.exe
[2013.05.07 17:50:44 | 000,081,989 | ---- | M] () -- C:\Users\Marko\Desktop\Mahngebühren 07.05.2013 Rechnungsdaten.zip
[2013.05.06 18:28:45 | 000,001,333 | ---- | M] () -- C:\Users\Public\Desktop\NAVIGON Fresh.lnk
[2013.05.06 17:34:00 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.06 17:34:00 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.06 17:34:00 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.06 17:34:00 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.06 17:34:00 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.04 13:42:06 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\Mouse Recorder Pro 2.lnk
[2013.05.04 13:42:06 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\Mouse Recorder Play.lnk
[2013.05.03 16:26:25 | 000,537,967 | ---- | M] () -- C:\Users\Marko\Desktop\BRuno-Mars.jpg
[2013.05.03 16:25:48 | 000,163,373 | ---- | M] () -- C:\Users\Marko\Desktop\Bruno-3-bruno-mars-18630239-1280-720.jpg
[2013.05.03 16:15:33 | 000,001,323 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2013.lnk
[2013.05.03 16:15:33 | 000,000,214 | ---- | M] () -- C:\Users\Public\Desktop\Your Software Deals.url
[2013.05.02 19:55:40 | 000,272,870 | ---- | M] () -- C:\Users\Marko\Desktop\hm.oxps
[2013.04.29 18:01:36 | 000,718,840 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013.04.29 18:01:33 | 000,593,144 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013.04.28 16:34:10 | 000,001,011 | ---- | M] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.28 16:33:55 | 000,000,979 | ---- | M] () -- C:\Users\Marko\Desktop\Dropbox.lnk
[2013.04.24 15:21:26 | 000,427,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.17 16:41:29 | 000,000,450 | ---- | M] () -- C:\Windows\ESIDATA.ini
[2013.04.12 17:39:26 | 009,892,886 | ---- | M] () -- C:\Users\Marko\Documents\Laziska-rysunek-planu-XXXVI_238_10-Model.jpg
[2013.04.12 17:19:12 | 038,516,263 | -H-- | M] () -- C:\bdr-im02.gz
[2013.04.09 15:35:57 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Spar- Erklärung 2013.lnk
 
========== Files Created - No Company Name ==========
 
[2013.05.08 07:22:54 | 000,081,989 | ---- | C] () -- C:\Users\Marko\Desktop\Mahngebühren 07.05.2013 Rechnungsdaten.zip
[2013.05.07 19:47:29 | 000,377,856 | ---- | C] () -- C:\Users\Marko\Desktop\gmer_2.1.19163.exe
[2013.05.06 18:28:45 | 000,001,333 | ---- | C] () -- C:\Users\Public\Desktop\NAVIGON Fresh.lnk
[2013.05.04 13:42:06 | 000,001,247 | ---- | C] () -- C:\Users\Public\Desktop\Mouse Recorder Pro 2.lnk
[2013.05.04 13:42:06 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\Mouse Recorder Play.lnk
[2013.05.03 16:26:24 | 000,537,967 | ---- | C] () -- C:\Users\Marko\Desktop\BRuno-Mars.jpg
[2013.05.03 16:25:46 | 000,163,373 | ---- | C] () -- C:\Users\Marko\Desktop\Bruno-3-bruno-mars-18630239-1280-720.jpg
[2013.05.03 16:15:35 | 000,001,861 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk
[2013.05.03 16:15:33 | 000,001,323 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2013.lnk
[2013.05.03 16:15:33 | 000,000,214 | ---- | C] () -- C:\Users\Public\Desktop\Your Software Deals.url
[2013.05.02 19:55:38 | 000,272,870 | ---- | C] () -- C:\Users\Marko\Desktop\hm.oxps
[2013.04.24 15:21:05 | 000,427,672 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.13 10:31:41 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.04.12 17:39:25 | 009,892,886 | ---- | C] () -- C:\Users\Marko\Documents\Laziska-rysunek-planu-XXXVI_238_10-Model.jpg
[2013.02.10 13:03:37 | 000,001,845 | ---- | C] () -- C:\Windows\RBSystem.ini
[2013.02.10 13:00:20 | 000,487,424 | ---- | C] () -- C:\Windows\esi_kl02.dat
[2013.02.10 13:00:11 | 000,655,360 | ---- | C] () -- C:\Windows\SysWow64\dslang32.dll
[2013.02.10 13:00:11 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\ldf251.dll
[2013.02.10 12:57:31 | 000,000,450 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2013.01.17 20:07:07 | 000,010,495 | ---- | C] () -- C:\Users\Marko\Giemza_elster_2048.pfx
[2013.01.16 19:27:39 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013.01.07 22:28:20 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.01.07 21:53:41 | 000,833,203 | ---- | C] () -- C:\ProgramData\1357587953.bdinstall.bin
[2013.01.07 19:36:11 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2013.01.07 18:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.21 12:02:51 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.08.21 12:02:51 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.08.21 12:02:50 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:EFC37D883532D176

< End of report >
         

and

Extras.txt

Code:
OTL Extras logfile created on: 08.05.2013 16:21:37 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marko\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 6,05 Gb Available Physical Memory | 76,18% Memory free
9,14 Gb Paging File | 6,06 Gb Available in Paging File | 66,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 429,66 Gb Total Space | 235,13 Gb Free Space | 54,73% Space Free | Partition Type: NTFS
 
Computer Name: MARCO | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2B67A012-530F-487F-8744-C85905817542}" = rport=139 | protocol=6 | dir=out | app=system | 
"{446D36E8-CE1B-4AE2-B189-11315C3B9F4B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{5F88CE16-0456-454E-88FA-C33FB6EEBA45}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8157D7CE-C3BE-494A-9CBC-191602F020C0}" = lport=138 | protocol=17 | dir=in | app=system | 
"{87357BE7-DFB5-497C-830D-88BF6DC2CC4F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A39C0676-B7EB-4162-B340-AC76A81E2B88}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B9996B19-5F3E-4B9A-B5AC-1D2BD09F356F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{BCF80F47-52D9-4241-BD54-988962F7AD33}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{DDA10B1A-A66F-4447-B8FF-6CE20F5C78C3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E079E5F6-AA2C-4A2F-BB5E-9826388EB22C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F9926664-36AC-4D06-98E3-3291D41A94E0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{FC766ABB-93DC-4100-B523-100EDF362CE5}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00ECA4DC-00B8-496A-BF32-C9C08E612A31}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{09F6DFE9-C7EA-423E-AF26-352C0487AD27}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{0CA370D9-B9BC-467E-A63D-45204175A0B9}" = dir=out | name=vaio message center | 
"{0E5736F9-AE6B-43AA-AC55-F6157D8B890B}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{0EAB9AF2-21B2-4172-9159-CCA15E1D9BEC}" = dir=out | name=skype | 
"{13428441-3A61-4C01-904B-E1CEDC12178A}" = dir=in | app=c:\program files (x86)\easeus\todo backup\bin\agent.exe | 
"{1406A805-76F1-4E42-B731-7370515E39C5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{15FC0E39-0946-4084-BDF1-CBB3653CDB39}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{189F9733-3B07-4D60-9BFF-18DB27864FAF}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{1E0A688D-CF0A-489D-B3E2-F03A3F96AC92}" = dir=out | name=taptiles | 
"{2033F014-E55B-42A3-9AB2-289E02BE2012}" = protocol=6 | dir=in | app=c:\users\marko\appdata\roaming\icqm\icq.exe | 
"{2197E56C-6CA9-4578-9FC1-281C1783AF03}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{23980FDF-89CA-4EE8-9FE0-2EE2C947962A}" = dir=out | name=wordament | 
"{2E348A73-80EC-4A4D-8515-AAED420F07BE}" = dir=out | name=microsoft solitaire collection | 
"{33FD9A5F-A647-4E92-9A80-479EF503AA89}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{398AF777-A5EE-4EB7-9C87-82BF703E6AB0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{3FE957CC-D8F7-45A3-A166-D624D43AC03E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{497D0586-BA95-4882-AE19-639CEC842644}" = dir=out | name=vaio care | 
"{4EEE9642-A5DA-446C-AFE2-FFCB121B063B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{55559C1B-65CB-4C62-B251-7F3819003ABD}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{580937EA-59F4-4794-BF05-5C766D1F1EB4}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{5CDCDA88-7853-441F-A227-C3BAC69EFFCA}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{635FBCC7-72FA-44EF-B82D-83AB93263D91}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{635FF58A-238B-4E2F-B3D9-2DC674B90677}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{636A93AF-AEFA-41D8-A7FB-2C5E9D7FE33B}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{63FD2FC4-2B70-483E-9D95-08F4C45BD3B9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{64C258E5-4936-4745-A843-570AA640F399}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{67EEB5FB-6347-47F7-906A-CB0EB9B8C1A7}" = protocol=17 | dir=in | app=c:\users\marko\appdata\roaming\dropbox\bin\dropbox.exe | 
"{68852BB5-9329-445B-B29F-13260CEB75CA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{6A53B637-B1E1-437D-8409-AA36DC036853}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{6D681D40-3D23-441D-A9DE-C943D642989D}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{7031F3CD-F1E9-4CEF-AC9E-A3C6CF9194BD}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{731CA0C7-5ACB-4096-884F-2D355C1E949B}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{7525D5AE-C1CA-4CF1-BED1-9CEE16C462C6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{754EBAEF-A201-4AD5-9CFB-DCFB049F119A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{7A0A2EFB-EDBC-49F0-B65D-2F03B90D8C1D}" = protocol=6 | dir=in | app=c:\users\marko\appdata\roaming\dropbox\bin\dropbox.exe | 
"{7AE3E803-61A6-4C55-8721-CDC282158265}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{8123139D-77F8-40D0-8AEE-A4B1B604A852}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{8252E45A-4D8D-4348-8C77-B83BB41644D3}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{835A9235-9566-4304-954E-CD884EC88CF6}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{83E2E907-9395-4D63-AB8A-DD00CE11D333}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{868496DD-F98E-4763-8EBD-6619907BFE0E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{89F8DFA5-5501-4837-83A1-6C7C64F7987D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{968A5FEC-4812-473D-A0FB-DEE91DDD8160}" = dir=out | name=- games app - | 
"{9CDD23A8-8C81-489A-8748-BA8B09EA5536}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{A4BD47E3-2029-471B-97F7-17875FAE8F19}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{ACA690C8-511B-47D5-A499-C14F020A52C7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B9F4A035-76DF-4DDF-A47F-764A7296D122}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{BA165C4B-DB1A-449A-8FF1-A86BC1DEED55}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{BB3CB4C7-AC77-4705-8BA3-D4C08E5B5982}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{BB5E580F-B2C7-4205-A7D7-D717B47876DA}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{BC58297B-EE50-4AC4-926C-BBCAB42EBEF4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{C4A2094D-9DCE-4B26-BF05-9CF7BBC0A4FF}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{CBD5088B-5DFA-4372-82DE-A916A18E3423}" = dir=in | name=ebay | 
"{CC970FF0-9E7A-49F1-B473-8C836A2AE484}" = protocol=17 | dir=in | app=c:\users\marko\appdata\roaming\icqm\icq.exe | 
"{D37AF21B-48FB-42C8-A82B-B6B371D299B2}" = dir=out | name=ebay | 
"{D7D6B0BA-36E9-4CD6-9D4D-49D94E86B57F}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{D98C671B-3B4F-4494-8E92-8AECEEA9DA20}" = dir=in | name=vaio care | 
"{DD77E645-8EC6-4903-826C-5C6FAD8EF8A4}" = dir=in | name=skype | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{FC361129-1BFB-4267-89D2-6B93564A5CE2}" = dir=out | name=microsoft minesweeper | 
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 | 
"{FE1AFA4C-AE2E-46F5-BA5C-3EE82717FABB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{197F2BEF-2705-406E-8CEB-8E404FFFE414}" = VMLite Workstation
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{563F8449-4B3A-97E2-7A81-4F759B839A24}" = ccc-utility64
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9042C334-9881-4603-B1BC-7E623514A495}" = MKV2AC3 - 1.03.04
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AF091FA7-20BF-49D4-4C98-4E4AD04D6FB3}" = AMD Catalyst Install Manager
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}" = VAIO Care
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Bitdefender" = Bitdefender Total Security 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{213A3194-8823-AF6B-C337-7F30BFDF6E24}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316417DF-A8D7-7205-62E1-936888623793}" = CCC Help Finnish
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F2023E0-E239-2949-FE8F-109AE94F6FEE}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D189642-1AEE-FF5C-C22B-C475E8F5277E}" = CCC Help Czech
"{51A80EB0-B405-11E1-9C1E-005056C00008}" = SCS Shortcut
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59CBE755-0DB7-6D38-7844-D3F64C02C276}" = CCC Help French
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{628B0EA5-5DDA-8B14-564C-4118AD6BB510}" = CCC Help Chinese Standard
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6422F3DE-C1B3-D119-CD48-2C5DC279848F}" = CCC Help Norwegian
"{6466EF6E-700E-470F-94CB-D0050302C84E}" = Remote Keyboard
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6E9E809C-11A1-8200-EC5C-11F6BF9AF20A}" = CCC Help German
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7F6E0234-231C-49C5-AB31-6BAB49E3C3A4}" = Catalyst Control Center - Branding
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1" = Mouse Recorder Pro 2.0.7.4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.6
"{9520BD31-226A-4D5D-B900-6C0CDBA75BF0}_is1" = Onlinesupport 5.0.8232 QS
"{97104137-F5C1-2942-D133-7C2270A86522}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC49216-ACA9-20FA-E3B9-0086E068A54E}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A5FBFE07-B781-EFFB-35DF-257FF747FA31}" = CCC Help Russian
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AD987AA5-9763-8B69-8DB3-7F89C4FE1E8A}" = CCC Help Hungarian
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B27588E3-A374-CC37-B0C1-3CB424620019}" = CCC Help Turkish
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B8D91D32-0820-4D76-8D95-2EB69392BA08}" = CCC Help Portuguese
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C37139BF-04DB-DF3C-19A4-99A5516C1507}" = CCC Help Chinese Traditional
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{CA17221C-586B-89E0-66CB-DA5C050BFB22}" = Catalyst Control Center Localization All
"{CD650B6A-FE79-40E0-A069-299CF6575E6B}" = XperiaLinkx86
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D8B63B13-8508-596F-8160-ACEA2FA39FA5}" = Catalyst Control Center Graphics Previews Common
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{D96F904B-1145-83E2-09B3-12153541EAF7}" = CCC Help Dutch
"{E5D82C0C-4AD7-5CC5-942C-72B749EFEE0D}" = CCC Help Korean
"{E64E9130-B2DD-3124-07BD-B767D51FDB8A}" = CCC Help Thai
"{E8597443-184D-4531-EEAE-211698F90205}" = CCC Help Danish
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EF0ACDFD-39CB-396F-1F23-EC861885DA29}" = CCC Help Polish
"{EFFEE375-EC29-15A3-5DB0-41658D9BB10C}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D2A254-F2AE-EDE4-3CD2-AD8BDCC0B255}" = CCC Help Swedish
"{F7F163E1-4BF4-E56B-E400-B97D362E17CC}" = Catalyst Control Center
"{FA653F5B-483A-4E92-BF75-BB3BBF1D550D}" = LogMeIn
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FC520B48-BFFC-A91F-64D5-213EFD759783}" = CCC Help Greek
"0630-0716-3135-7887" = JDownloader 2
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AviSynth" = AviSynth 2.5
"Bosch Viewer" = Bosch Viewer
"Canon MG5300 series Benutzerregistrierung" = Canon MG5300 series Benutzerregistrierung
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CloneCD" = CloneCD
"DAEMON Tools Lite" = DAEMON Tools Lite
"DKB-Cashback" = DKB-Cashback
"dreamboxEDIT" = dreamboxEDIT -- The one and only settings editor for your Dreambox
"ESET Online Scanner" = ESET Online Scanner v3
"ESI[tronic]" = ESI[tronic]
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Intel AppUp(SM) center 38645" = Intel AppUp(SM) center
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"OpenSSH" = OpenSSH for Windows (remove only)
"Opera 12.15.1748" = Opera 12.15
"PROPLUS" = Microsoft Office Professional Plus 2007
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WTA-29194baf-f808-40ae-85e9-d2a0b0a671ce" = Heroes of Hellas 3: Athens
"WTA-3d6d0e0d-e6f5-4a20-bd8f-ff96237cd21d" = Aloha TriPeaks
"WTA-4305f2ba-da0c-4af1-9a51-5120603176a0" = Bejeweled 3
"WTA-4b7ff52f-35ca-4171-afeb-b3693a5fe53a" = Build-a-lot: On Vacation
"WTA-4d5621fd-3efc-4e71-87f6-146b24886ccb" = Plants vs. Zombies - Game of the Year
"WTA-5ae0529a-0a0a-4ff6-a9c1-6829d451afbb" = Chronicles of Albian
"WTA-745daa78-3d4d-4fd9-9341-89ad31f7f4f8" = FATE
"WTA-7dca1ce8-30cc-4ea0-91ac-0006f5790c23" = Chuzzle Deluxe
"WTA-8b05834c-d76c-4616-aae4-6ee815dd71b1" = Mystery P.I. - The London Caper
"WTA-a15f03f9-59d7-4b8e-a452-a30a6a21eac5" = Agatha Christie - Death on the Nile
"WTA-ad029ab8-73a6-4eaf-91b3-57cab26d54ce" = Cradle Of Egypt Collector's Edition
"WTA-bb11e983-9950-4822-8b16-0d06caf9721f" = Mystery of Mortlake Mansion
"WTA-cd7e4db8-39e4-486a-be09-9802da3e4436" = Luxor HD
"WTA-e142876c-4f8e-4ade-a250-8a3d89d0b950" = Mahjongg Artifacts
"WTA-f4bbbd58-2f45-4805-a267-d87e17c613b8" = Polar Bowler
"WTA-f96b33fa-0683-47e2-9476-9d6767b357c4" = Virtual Villagers 4 - The Tree of Life
"Your Software Deals_is1" = Your Software Deals
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"ICQ" = ICQ 8.0 (build 5981, für aktuellen Benutzer)
"XBMC" = XBMC
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.04.2013 06:22:00 | Computer Name = Marco | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_169.exe,
 Version: 11.7.700.169, Zeitstempel: 0x5155fb9a  Name des fehlerhaften Moduls: unknown,
 Version: 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 
0x752b2366  ID des fehlerhaften Prozesses: 0x90c4  Startzeit der fehlerhaften Anwendung:
 0x01ce38f9e50b6e74  Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 23d78cd1-a4ed-11e2-be82-a41731cdefea
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 14.04.2013 06:22:37 | Computer Name = Marco | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_169.exe,
 Version: 11.7.700.169, Zeitstempel: 0x5155fb9a  Name des fehlerhaften Moduls: unknown,
 Version: 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc00001a5  Fehleroffset: 
0x011449b0  ID des fehlerhaften Prozesses: 0x9240  Startzeit der fehlerhaften Anwendung:
 0x01ce38f9fc6078ea  Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 3a55c1dd-a4ed-11e2-be82-a41731cdefea
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 14.04.2013 06:22:39 | Computer Name = Marco | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_169.exe,
 Version: 11.7.700.169, Zeitstempel: 0x5155fb9a  Name des fehlerhaften Moduls: unknown,
 Version: 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 
0x752b2366  ID des fehlerhaften Prozesses: 0x9240  Startzeit der fehlerhaften Anwendung:
 0x01ce38f9fc6078ea  Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 3b5f4892-a4ed-11e2-be82-a41731cdefea
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 14.04.2013 10:07:04 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm XBMC.exe, Version 11.9.1.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 36f4    Startzeit:
 01ce3918bf99b511    Endzeit: 6192    Anwendungspfad: C:\Program Files (x86)\XBMC\XBMC.exe

Berichts-ID:
 8d4a98d4-a50c-11e2-be82-a41731cdefea    Vollständiger Name des fehlerhaften Pakets:
     Anwendungs-ID, die relativ zum fehlerhaften Paket ist:   
 
Error - 14.04.2013 10:14:20 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm XBMC.exe, Version 11.9.1.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 77c8    Startzeit:
 01ce39198f1b46f9    Endzeit: 1028    Anwendungspfad: C:\Program Files (x86)\XBMC\XBMC.exe

Berichts-ID:
 95ab0ffe-a50d-11e2-be82-a41731cdefea    Vollständiger Name des fehlerhaften Pakets:
     Anwendungs-ID, die relativ zum fehlerhaften Paket ist:   
 
Error - 14.04.2013 10:34:44 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm XBMC.exe, Version 11.9.1.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 9024    Startzeit:
 01ce391c3ff99197    Endzeit: 1045    Anwendungspfad: C:\Program Files (x86)\XBMC\XBMC.exe

Berichts-ID:
 6f22bdba-a510-11e2-be82-a41731cdefea    Vollständiger Name des fehlerhaften Pakets:
     Anwendungs-ID, die relativ zum fehlerhaften Paket ist:   
 
Error - 14.04.2013 11:56:59 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm XBMC.exe, Version 12.1.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 83b4    Startzeit:
 01ce39284c3e9207    Endzeit: 1054    Anwendungspfad: C:\Program Files (x86)\XBMC\XBMC.exe

Berichts-ID:
 ec638aac-a51b-11e2-be82-a41731cdefea    Vollständiger Name des fehlerhaften Pakets:
     Anwendungs-ID, die relativ zum fehlerhaften Paket ist:   
 
Error - 16.04.2013 13:10:08 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 10.0.9200.16519 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 8024    Startzeit: 01ce3abce65fae39    Endzeit: 244    Anwendungspfad:
 C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE    Berichts-ID: 7863a006-a6b8-11e2-be82-a41731cdefea

Vollständiger
 Name des fehlerhaften Pakets:     Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:   
 
Error - 17.04.2013 10:38:20 | Computer Name = Marco | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: cygrunsrv.exe, Version: 0.0.0.0, 
Zeitstempel: 0x40826252  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16420,
 Zeitstempel: 0x505aaa82  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0004f651  ID des fehlerhaften
 Prozesses: 0x5bc  Startzeit der fehlerhaften Anwendung: 0x01ce3b7920ebd67c  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe  Pfad des
 fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 72840982-a76c-11e2-be83-a41731cdefea
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 23.04.2013 13:08:48 | Computer Name = Marco | Source = SampleCollector | ID = 131331
Description = CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht 
auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.  
 
[ System Events ]
Error - 30.04.2013 14:31:15 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:32:47 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:34:19 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:35:50 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:37:22 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:38:54 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:40:26 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:41:57 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:43:29 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 30.04.2013 14:45:01 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         
And here is the Malwarebytes log:

Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.05.08.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
Marko :: MARCO [administrator]

08.05.2013 13:22:41
mbar-log-2013-05-08 (13-22-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 7597
Time elapsed: 9 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         


Old 08.05.2013, 21:42   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
You have already downloaded GMER as well, so where is the log for it?

Old 09.05.2013, 08:35   #7
janek911
 
So, when running GMER I got the following message:
"C:\Windows\system32\config\system. Der Prozess kann nicht auf die Datei zugreifen, da von einenn anderen Prozess verwendet wird".
Then during the scan there were 2 more messages:

Same as the first one, for the files
C:\Windows\system32\ole32.ddl
C:\Users\Marco\ntuser.dat

I can't post the log as code because it is too large, so I have attached it instead.

Old 09.05.2013, 16:53   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances unless instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.




TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Old 09.05.2013, 19:22   #9
janek911
 
To be on the safe side, I did a system refresh on Win 8 today and ran the scans afterwards.
Here are the logs:

aswMBR

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-09 19:59:48
-----------------------------
19:59:48.469    OS Version: Windows x64 6.2.9200 
19:59:48.469    Number of processors: 4 586 0x3A09
19:59:48.484    ComputerName: MARCO  UserName: Marko
19:59:48.516    Initialze error 1 
20:01:54.836    AVAST engine defs: 13050900
20:02:06.790    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
20:02:06.806    Disk 0 Vendor: WDC_WD5000BPVT-55HXZT4 01.01A01 Size: 476940MB BusType: 11
20:02:06.806    Disk 0 MBR read successfully
20:02:06.806    Disk 0 MBR scan
20:02:06.868    Disk 0 Windows 7 default MBR code
20:02:06.868    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
20:02:06.868    Disk 0 scanning C:\Windows\system32\drivers
20:02:06.868    Service scanning
20:02:07.406    Modules scanning
20:02:07.406    Disk 0 trace - called modules:
20:02:07.406    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys 
20:02:07.422    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800952c060]
20:02:07.422    3 CLASSPNP.SYS[fffff8800163cfea] -> nt!IofCallDriver -> \Device\00000038[0xfffffa8007c39060]
20:02:07.437    AVAST engine scan C:\Windows
20:02:07.437    AVAST engine scan C:\Windows\system32
20:02:07.437    AVAST engine scan C:\Windows\system32\drivers
20:02:07.437    AVAST engine scan C:\Users\Marko
20:02:07.453    AVAST engine scan C:\ProgramData
20:02:07.453    Scan finished successfully
20:02:20.697    Disk 0 MBR has been saved successfully to "C:\Users\Marko\Desktop\MBR.dat"
20:02:20.776    The log file has been saved successfully to "C:\Users\Marko\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-09 20:03:27
-----------------------------
20:03:27.318    OS Version: Windows x64 6.2.9200 
20:03:27.318    Number of processors: 4 586 0x3A09
20:03:27.318    ComputerName: MARCO  UserName: Marko
20:03:27.318    Initialze error 1 
20:03:34.975    AVAST engine defs: 13050900
20:03:41.897    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
20:03:41.897    Disk 0 Vendor: WDC_WD5000BPVT-55HXZT4 01.01A01 Size: 476940MB BusType: 11
20:03:41.913    Disk 0 MBR read successfully
20:03:41.913    Disk 0 MBR scan
20:03:41.991    Disk 0 Windows 7 default MBR code
20:03:41.991    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
20:03:41.991    Disk 0 scanning C:\Windows\system32\drivers
20:03:41.991    Service scanning
20:03:42.710    Modules scanning
20:03:42.710    Disk 0 trace - called modules:
20:03:42.710    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys 
20:03:42.725    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800952c060]
20:03:42.725    3 CLASSPNP.SYS[fffff8800163cfea] -> nt!IofCallDriver -> \Device\00000038[0xfffffa8007c39060]
20:03:42.741    AVAST engine scan C:\
20:03:42.741    Scan finished successfully
20:04:13.719    Disk 0 MBR has been saved successfully to "C:\Users\Marko\Desktop\MBR.dat"
20:04:13.766    The log file has been saved successfully to "C:\Users\Marko\Desktop\aswMBR.txt"
         
and TDSSKiller

Code:
20:05:06.0209 5196  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:05:06.0209 5196  UEFI system
20:05:06.0490 5196  ============================================================
20:05:06.0490 5196  Current date / time: 2013/05/09 20:05:06.0490
20:05:06.0490 5196  SystemInfo:
20:05:06.0490 5196  
20:05:06.0490 5196  OS Version: 6.2.9200 ServicePack: 0.0
20:05:06.0490 5196  Product type: Workstation
20:05:06.0490 5196  ComputerName: MARCO
20:05:06.0490 5196  UserName: Marko
20:05:06.0490 5196  Windows directory: C:\Windows
20:05:06.0490 5196  System windows directory: C:\Windows
20:05:06.0490 5196  Running under WOW64
20:05:06.0490 5196  Processor architecture: Intel x64
20:05:06.0490 5196  Number of processors: 4
20:05:06.0490 5196  Page size: 0x1000
20:05:06.0490 5196  Boot type: Normal boot
20:05:06.0490 5196  ============================================================
20:05:07.0538 5196  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:05:07.0538 5196  ============================================================
20:05:07.0538 5196  \Device\Harddisk0\DR0:
20:05:07.0554 5196  GPT partitions:
20:05:07.0554 5196  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {066F58F5-DD1A-4823-9A4A-1AE531D50C12}, Name: , StartLBA 0x800, BlocksNum 0x82000
20:05:07.0554 5196  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A0AA4381-2A0B-499E-B43F-B9CAEC93FBF0}, Name: , StartLBA 0x82800, BlocksNum 0x2E1000
20:05:07.0554 5196  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {842F8397-1C6A-423B-8CB5-4E4FF683C4D8}, Name: EFI system partition, StartLBA 0x363800, BlocksNum 0x82000
20:05:07.0554 5196  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E4DE1638-4AD3-4ABE-A1F4-4A0E1DB4EFAD}, Name: Microsoft reserved partition, StartLBA 0x3E5800, BlocksNum 0x40000
20:05:07.0554 5196  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {48DB52CC-5E8C-454C-83F2-B0D2A8BED6A2}, Name: Basic data partition, StartLBA 0x425800, BlocksNum 0x35B52800
20:05:07.0554 5196  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3EB0F755-DF25-4DA6-86F0-A076B5902345}, Name: , StartLBA 0x35F78000, BlocksNum 0x440E000
20:05:07.0554 5196  MBR partitions:
20:05:07.0554 5196  ============================================================
20:05:07.0585 5196  C: <-> \Device\Harddisk0\DR0\Partition5
20:05:07.0585 5196  ============================================================
20:05:07.0585 5196  Initialize success
20:05:07.0585 5196  ============================================================
20:05:13.0109 2992  ============================================================
20:05:13.0109 2992  Scan started
20:05:13.0109 2992  Mode: Manual; 
20:05:13.0109 2992  ============================================================
20:05:13.0907 2992  ================ Scan system memory ========================
20:05:13.0907 2992  System memory - ok
20:05:13.0907 2992  ================ Scan services =============================
20:05:14.0597 2992  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
20:05:14.0613 2992  1394ohci - ok
20:05:14.0629 2992  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
20:05:14.0629 2992  3ware - ok
20:05:14.0660 2992  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:05:14.0660 2992  ACPI - ok
20:05:14.0675 2992  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
20:05:14.0675 2992  acpiex - ok
20:05:14.0691 2992  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
20:05:14.0754 2992  acpipagr - ok
20:05:14.0785 2992  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
20:05:14.0847 2992  AcpiPmi - ok
20:05:14.0863 2992  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
20:05:14.0879 2992  acpitime - ok
20:05:14.0910 2992  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:05:14.0925 2992  adp94xx - ok
20:05:14.0925 2992  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:05:14.0941 2992  adpahci - ok
20:05:14.0957 2992  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:05:14.0957 2992  adpu320 - ok
20:05:15.0004 2992  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:05:15.0004 2992  AeLookupSvc - ok
20:05:15.0050 2992  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
20:05:15.0050 2992  AFD - ok
20:05:15.0066 2992  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:05:15.0066 2992  agp440 - ok
20:05:15.0097 2992  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
20:05:15.0113 2992  ALG - ok
20:05:15.0113 2992  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
20:05:15.0129 2992  AllUserInstallAgent - ok
20:05:15.0160 2992  [ 1F500945F87AA517BD2F049256B304DD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:05:15.0160 2992  AMD External Events Utility - ok
20:05:15.0191 2992  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
20:05:15.0207 2992  AmdK8 - ok
20:05:15.0582 2992  [ 2A831A7F9031B5BBA6EF189381D65228 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:05:15.0864 2992  amdkmdag - ok
20:05:15.0895 2992  [ B9ACB2AA40709E060CDC34F13F1C9C8F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
20:05:15.0910 2992  amdkmdap - ok
20:05:15.0926 2992  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
20:05:15.0926 2992  AmdPPM - ok
20:05:15.0957 2992  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:05:15.0957 2992  amdsata - ok
20:05:15.0973 2992  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:05:16.0004 2992  amdsbs - ok
20:05:16.0020 2992  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:05:16.0020 2992  amdxata - ok
20:05:16.0020 2992  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
20:05:16.0051 2992  AppID - ok
20:05:16.0082 2992  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:05:16.0082 2992  AppIDSvc - ok
20:05:16.0082 2992  [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo         C:\Windows\System32\appinfo.dll
20:05:16.0082 2992  Appinfo - ok
20:05:16.0098 2992  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
20:05:16.0098 2992  arc - ok
20:05:16.0114 2992  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:05:16.0161 2992  arcsas - ok
20:05:16.0192 2992  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:05:16.0192 2992  AsyncMac - ok
20:05:16.0207 2992  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:05:16.0207 2992  atapi - ok
20:05:16.0239 2992  [ 4885C14A6AB6969B5773A42DA0BA3DA4 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
20:05:16.0254 2992  AthBTPort - ok
20:05:16.0426 2992  [ 8F60017273DCD46CDCC9A0AD881F7B32 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:05:16.0426 2992  AtherosSvc - ok
20:05:16.0567 2992  [ F17ABC4AA1FE4989E812858261414FE5 ] athr            C:\Windows\system32\DRIVERS\athw8x.sys
20:05:16.0739 2992  athr - ok
20:05:16.0786 2992  [ 506907D2E7F3A5B67DBD39C00A788B7C ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW86.sys
20:05:16.0801 2992  AtiHDAudioService - ok
20:05:16.0832 2992  [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:05:16.0832 2992  AudioEndpointBuilder - ok
20:05:16.0895 2992  [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:05:16.0911 2992  Audiosrv - ok
20:05:17.0036 2992  [ AAE1DAE483DD57D0E267FCA42FCB5133 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
20:05:17.0051 2992  avc3 - ok
20:05:17.0098 2992  [ 3B9549FEF98AB1768A1D6A919F355B70 ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
20:05:17.0098 2992  avchv - ok
20:05:17.0129 2992  [ 8183B715BD56561C27BEBB68B1192B7A ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
20:05:17.0145 2992  avckf - ok
20:05:17.0176 2992  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:05:17.0192 2992  AxInstSV - ok
20:05:17.0239 2992  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:05:17.0239 2992  b06bdrv - ok
20:05:17.0270 2992  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
20:05:17.0270 2992  BasicDisplay - ok
20:05:17.0270 2992  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
20:05:17.0286 2992  BasicRender - ok
20:05:17.0567 2992  [ EBD3B67D51F58F45FBDA2BDE853322AA ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
20:05:17.0582 2992  BdDesktopParental - ok
20:05:17.0645 2992  [ 1942D00BBAA28F4104EFD7F66453749D ] bdelam          C:\Windows\system32\drivers\bdelam.sys
20:05:17.0645 2992  bdelam - ok
20:05:17.0676 2992  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:05:17.0692 2992  BDESVC - ok
20:05:17.0817 2992  [ 33BDE38294A142D068C32B2360B7D1C9 ] BdfNdisf        C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys
20:05:17.0817 2992  BdfNdisf - ok
20:05:17.0848 2992  [ 641F901CA6B9A90077FA92BE5EC1E789 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
20:05:17.0848 2992  bdfwfpf - ok
20:05:17.0895 2992  [ E311541A584A29C0D91DD73730B1DCBE ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
20:05:17.0911 2992  BDSandBox - ok
20:05:17.0989 2992  [ 81BBCB11A9F88B5547EF1326351B7CDE ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
20:05:18.0020 2992  BDVEDISK - ok
20:05:18.0051 2992  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:05:18.0051 2992  Beep - ok
20:05:18.0098 2992  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\Windows\System32\bfe.dll
20:05:18.0114 2992  BFE - ok
20:05:18.0223 2992  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
20:05:18.0254 2992  BITS - ok
20:05:18.0270 2992  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:05:18.0270 2992  bowser - ok
20:05:18.0317 2992  [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:05:18.0317 2992  BrokerInfrastructure - ok
20:05:18.0364 2992  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
20:05:18.0364 2992  Browser - ok
20:05:18.0395 2992  [ 942F3F6286056D6BBB5B02ED2B7088BD ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
20:05:18.0411 2992  BTATH_A2DP - ok
20:05:18.0442 2992  [ 43C965027229D9FF6E52E4C71C03B09E ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
20:05:18.0458 2992  btath_avdt - ok
20:05:18.0473 2992  [ 23CEDCD7527A26B222732A158F76EB24 ] BTATH_BUS       C:\Windows\System32\drivers\btath_bus.sys
20:05:18.0473 2992  BTATH_BUS - ok
20:05:18.0489 2992  [ 3DD64966A764BCAFF07C9DC064BD410E ] BTATH_HCRP      C:\Windows\System32\drivers\btath_hcrp.sys
20:05:18.0489 2992  BTATH_HCRP - ok
20:05:18.0504 2992  [ B68EE0721EAC305AB1C9C989CDF1AEFF ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:05:18.0504 2992  BTATH_LWFLT - ok
20:05:18.0520 2992  [ EC7BB341229E9E6B04349580F55218B2 ] BTATH_RCP       C:\Windows\System32\drivers\btath_rcp.sys
20:05:18.0536 2992  BTATH_RCP - ok
20:05:18.0551 2992  [ AABB87C9AE0537A6DCDAC8AE11CC1F5A ] BTATH_VDP       C:\Windows\system32\drivers\btath_vdp.sys
20:05:18.0551 2992  BTATH_VDP - ok
20:05:18.0583 2992  [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
20:05:18.0583 2992  BtFilter - ok
20:05:18.0629 2992  [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
20:05:18.0645 2992  BthAvrcpTg - ok
20:05:18.0692 2992  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
20:05:18.0692 2992  BthEnum - ok
20:05:18.0739 2992  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
20:05:18.0739 2992  BthHFEnum - ok
20:05:18.0754 2992  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
20:05:18.0770 2992  bthhfhid - ok
20:05:18.0786 2992  [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
20:05:18.0801 2992  BthLEEnum - ok
20:05:18.0817 2992  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
20:05:18.0817 2992  BTHMODEM - ok
20:05:18.0895 2992  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:05:18.0911 2992  BthPan - ok
20:05:18.0989 2992  [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
20:05:19.0036 2992  BTHPORT - ok
20:05:19.0083 2992  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
20:05:19.0083 2992  bthserv - ok
20:05:19.0114 2992  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
20:05:19.0114 2992  BTHUSB - ok
20:05:19.0129 2992  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:05:19.0145 2992  cdfs - ok
20:05:19.0145 2992  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
20:05:19.0161 2992  cdrom - ok
20:05:19.0176 2992  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:05:19.0176 2992  CertPropSvc - ok
20:05:19.0192 2992  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
20:05:19.0194 2992  circlass - ok
20:05:19.0194 2992  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
20:05:19.0210 2992  CLFS - ok
20:05:19.0257 2992  [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
20:05:19.0257 2992  CLVirtualDrive - ok
20:05:19.0288 2992  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
20:05:19.0288 2992  CmBatt - ok
20:05:19.0335 2992  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:05:19.0335 2992  CNG - ok
20:05:19.0350 2992  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
20:05:19.0350 2992  CompositeBus - ok
20:05:19.0350 2992  COMSysApp - ok
20:05:19.0350 2992  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
20:05:19.0350 2992  condrv - ok
20:05:19.0382 2992  [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:05:19.0397 2992  CryptSvc - ok
20:05:19.0428 2992  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
20:05:19.0428 2992  dam - ok
20:05:19.0475 2992  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:05:19.0507 2992  DcomLaunch - ok
20:05:19.0553 2992  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:05:19.0569 2992  defragsvc - ok
20:05:19.0616 2992  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
20:05:19.0632 2992  DeviceAssociationService - ok
20:05:19.0647 2992  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
20:05:19.0663 2992  DeviceInstall - ok
20:05:19.0694 2992  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
20:05:19.0694 2992  Dfsc - ok
20:05:19.0741 2992  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:05:19.0741 2992  Dhcp - ok
20:05:19.0741 2992  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
20:05:19.0757 2992  discache - ok
20:05:19.0757 2992  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
20:05:19.0757 2992  disk - ok
20:05:19.0772 2992  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
20:05:19.0772 2992  dmvsc - ok
20:05:19.0803 2992  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:05:19.0803 2992  Dnscache - ok
20:05:19.0850 2992  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
20:05:19.0866 2992  dot3svc - ok
20:05:19.0882 2992  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
20:05:19.0882 2992  DPS - ok
20:05:19.0928 2992  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:05:19.0928 2992  drmkaud - ok
20:05:19.0960 2992  [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
20:05:19.0975 2992  DsmSvc - ok
20:05:20.0038 2992  [ ED120AA770A78B5079F8C7BB5AF8A035 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:05:20.0085 2992  DXGKrnl - ok
20:05:20.0132 2992  [ CFE0E3D5EFBF0649E5900CBFCC2B95F7 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
20:05:20.0132 2992  e1yexpress - ok
20:05:20.0147 2992  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
20:05:20.0163 2992  Eaphost - ok
20:05:20.0272 2992  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:05:20.0366 2992  ebdrv - ok
20:05:20.0397 2992  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
20:05:20.0413 2992  EFS - ok
20:05:20.0413 2992  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
20:05:20.0413 2992  EhStorClass - ok
20:05:20.0429 2992  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:05:20.0429 2992  EhStorTcgDrv - ok
20:05:20.0429 2992  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
20:05:20.0444 2992  ErrDev - ok
20:05:20.0475 2992  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
20:05:20.0491 2992  EventSystem - ok
20:05:20.0507 2992  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:05:20.0522 2992  exfat - ok
20:05:20.0522 2992  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:05:20.0538 2992  fastfat - ok
20:05:20.0600 2992  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
20:05:20.0647 2992  Fax - ok
20:05:20.0647 2992  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
20:05:20.0647 2992  fdc - ok
20:05:20.0679 2992  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
20:05:20.0679 2992  fdPHost - ok
20:05:20.0694 2992  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
20:05:20.0710 2992  FDResPub - ok
20:05:20.0741 2992  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
20:05:20.0741 2992  fhsvc - ok
20:05:20.0741 2992  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:05:20.0741 2992  FileInfo - ok
20:05:20.0757 2992  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:05:20.0757 2992  Filetrace - ok
20:05:20.0757 2992  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
20:05:20.0788 2992  flpydisk - ok
20:05:20.0804 2992  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:05:20.0804 2992  FltMgr - ok
20:05:20.0866 2992  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
20:05:20.0897 2992  FontCache - ok
20:05:21.0022 2992  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:05:21.0038 2992  FontCache3.0.0.0 - ok
20:05:21.0038 2992  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:05:21.0038 2992  FsDepends - ok
20:05:21.0054 2992  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:05:21.0054 2992  Fs_Rec - ok
20:05:21.0100 2992  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:05:21.0100 2992  fvevol - ok
20:05:21.0147 2992  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
20:05:21.0147 2992  FxPPM - ok
20:05:21.0164 2992  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:05:21.0180 2992  gagp30kx - ok
20:05:21.0242 2992  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:05:21.0273 2992  GamesAppService - ok
20:05:21.0308 2992  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
20:05:21.0308 2992  gencounter - ok
20:05:21.0339 2992  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
20:05:21.0339 2992  GPIOClx0101 - ok
20:05:21.0417 2992  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:05:21.0448 2992  gpsvc - ok
20:05:21.0511 2992  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         c:\program files (x86)\google\update\googleupdate.exe
20:05:21.0511 2992  gupdate - ok
20:05:21.0526 2992  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        c:\program files (x86)\google\update\googleupdate.exe
20:05:21.0526 2992  gupdatem - ok
20:05:21.0573 2992  [ DB8A82239139348D6666434128D6F5DC ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
20:05:21.0589 2992  gzflt - ok
20:05:21.0636 2992  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:05:21.0651 2992  HdAudAddService - ok
20:05:21.0698 2992  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
20:05:21.0698 2992  HDAudBus - ok
20:05:21.0738 2992  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
20:05:21.0738 2992  HidBatt - ok
20:05:21.0748 2992  [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth          C:\Windows\System32\drivers\hidbth.sys
20:05:21.0748 2992  HidBth - ok
20:05:21.0811 2992  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
20:05:21.0811 2992  hidi2c - ok
20:05:21.0826 2992  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
20:05:21.0826 2992  HidIr - ok
20:05:21.0873 2992  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
20:05:21.0873 2992  hidserv - ok
20:05:21.0889 2992  [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
20:05:21.0889 2992  HidUsb - ok
20:05:21.0920 2992  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:05:21.0920 2992  hkmsvc - ok
20:05:21.0967 2992  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:05:21.0967 2992  HomeGroupListener - ok
20:05:22.0045 2992  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:05:22.0045 2992  HomeGroupProvider - ok
20:05:22.0061 2992  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:05:22.0061 2992  HpSAMD - ok
20:05:22.0123 2992  [ 29CB98187BB5711F7759540976D295FC ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:05:22.0139 2992  HTTP - ok
20:05:22.0186 2992  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:05:22.0186 2992  hwpolicy - ok
20:05:22.0186 2992  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
20:05:22.0186 2992  hyperkbd - ok
20:05:22.0202 2992  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
20:05:22.0217 2992  HyperVideo - ok
20:05:22.0217 2992  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
20:05:22.0233 2992  i8042prt - ok
20:05:22.0295 2992  [ F5A9FBAE160BD1837C2F1B85324A6762 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
20:05:22.0295 2992  iaStorA - ok
20:05:22.0311 2992  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:05:22.0327 2992  iaStorV - ok
20:05:22.0436 2992  [ 15C9BF6968A0990D8F4161A6ABEB7229 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:05:22.0452 2992  IconMan_R - ok
20:05:22.0467 2992  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:05:22.0467 2992  iirsp - ok
20:05:22.0498 2992  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:05:22.0530 2992  IKEEXT - ok
20:05:22.0656 2992  [ DDC860724AEF8F8E42AC61E6585769C6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:05:22.0796 2992  IntcAzAudAddService - ok
20:05:22.0859 2992  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:05:22.0874 2992  Intel(R) Capability Licensing Service Interface - ok
20:05:22.0968 2992  [ 9656F8E29F6C3161A3E99BCD3A472FF9 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
20:05:22.0968 2992  Intel(R) ME Service - ok
20:05:22.0984 2992  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:05:22.0984 2992  intelide - ok
20:05:23.0031 2992  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
20:05:23.0031 2992  intelppm - ok
20:05:23.0062 2992  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:05:23.0062 2992  IpFilterDriver - ok
20:05:23.0124 2992  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:05:23.0156 2992  iphlpsvc - ok
20:05:23.0171 2992  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
20:05:23.0171 2992  IPMIDRV - ok
20:05:23.0187 2992  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:05:23.0187 2992  IPNAT - ok
20:05:23.0218 2992  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:05:23.0234 2992  IRENUM - ok
20:05:23.0249 2992  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:05:23.0249 2992  isapnp - ok
20:05:23.0281 2992  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
20:05:23.0296 2992  iScsiPrt - ok
20:05:23.0296 2992  [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:05:23.0296 2992  jhi_service - ok
20:05:23.0312 2992  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
20:05:23.0312 2992  kbdclass - ok
20:05:23.0312 2992  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
20:05:23.0327 2992  kbdhid - ok
20:05:23.0343 2992  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
20:05:23.0343 2992  kdnic - ok
20:05:23.0374 2992  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
20:05:23.0374 2992  KeyIso - ok
20:05:23.0390 2992  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:05:23.0406 2992  KSecDD - ok
20:05:23.0421 2992  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:05:23.0421 2992  KSecPkg - ok
20:05:23.0453 2992  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:05:23.0453 2992  ksthunk - ok
20:05:23.0499 2992  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:05:23.0499 2992  KtmRm - ok
20:05:23.0578 2992  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:05:23.0578 2992  LanmanServer - ok
20:05:23.0624 2992  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:05:23.0624 2992  LanmanWorkstation - ok
20:05:23.0640 2992  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:05:23.0640 2992  lltdio - ok
20:05:23.0671 2992  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:05:23.0687 2992  lltdsvc - ok
20:05:23.0703 2992  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:05:23.0703 2992  lmhosts - ok
20:05:23.0749 2992  [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:05:23.0749 2992  LMS - ok
20:05:23.0781 2992  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:05:23.0796 2992  LSI_SAS - ok
20:05:23.0796 2992  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:05:23.0796 2992  LSI_SAS2 - ok
20:05:23.0828 2992  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:05:23.0828 2992  LSI_SCSI - ok
20:05:23.0843 2992  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
20:05:23.0843 2992  LSI_SSS - ok
20:05:23.0890 2992  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
20:05:23.0890 2992  LSM - ok
20:05:23.0906 2992  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:05:23.0906 2992  luafv - ok
20:05:23.0999 2992  [ 2C696ACBBBFFF7D25C1F468087FEB561 ] McOobeSv2       C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
20:05:24.0015 2992  McOobeSv2 - ok
20:05:24.0015 2992  [ 2C696ACBBBFFF7D25C1F468087FEB561 ] mcpltsvc        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
20:05:24.0015 2992  mcpltsvc - ok
20:05:24.0031 2992  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
20:05:24.0031 2992  megasas - ok
20:05:24.0062 2992  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:05:24.0078 2992  MegaSR - ok
20:05:24.0109 2992  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
20:05:24.0124 2992  MEIx64 - ok
20:05:24.0156 2992  [ B574522827D94126C03975FD53F0B26B ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
20:05:24.0171 2992  mfeapfk - ok
20:05:24.0203 2992  [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
20:05:24.0218 2992  mfeavfk - ok
20:05:24.0265 2992  [ 97C398750C8E80A48EB63999546F796E ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:05:24.0265 2992  mfefire - ok
20:05:24.0328 2992  [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
20:05:24.0359 2992  mfefirek - ok
20:05:24.0406 2992  [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
20:05:24.0421 2992  mfehidk - ok
20:05:24.0437 2992  mfeicfcoreocp - ok
20:05:24.0468 2992  [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp          C:\Windows\system32\mfevtps.exe
20:05:24.0468 2992  mfevtp - ok
20:05:24.0562 2992  [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
20:05:24.0609 2992  mfewfpk - ok
20:05:24.0640 2992  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
20:05:24.0656 2992  MMCSS - ok
20:05:24.0671 2992  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
20:05:24.0671 2992  Modem - ok
20:05:24.0734 2992  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\Windows\System32\drivers\monitor.sys
20:05:24.0734 2992  monitor - ok
20:05:24.0749 2992  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
20:05:24.0749 2992  mouclass - ok
20:05:24.0796 2992  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\Windows\System32\drivers\mouhid.sys
20:05:24.0796 2992  mouhid - ok
20:05:24.0828 2992  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:05:24.0828 2992  mountmgr - ok
20:05:24.0890 2992  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
20:05:24.0921 2992  MozillaMaintenance - ok
20:05:24.0968 2992  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:05:24.0968 2992  mpsdrv - ok
20:05:24.0999 2992  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:05:25.0015 2992  MpsSvc - ok
20:05:25.0015 2992  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:05:25.0015 2992  MRxDAV - ok
20:05:25.0046 2992  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:05:25.0062 2992  mrxsmb - ok
20:05:25.0062 2992  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:05:25.0062 2992  mrxsmb10 - ok
20:05:25.0078 2992  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:05:25.0078 2992  mrxsmb20 - ok
20:05:25.0093 2992  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
20:05:25.0109 2992  MsBridge - ok
20:05:25.0124 2992  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
20:05:25.0140 2992  MSDTC - ok
20:05:25.0156 2992  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:05:25.0156 2992  Msfs - ok
20:05:25.0187 2992  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
20:05:25.0187 2992  msgpiowin32 - ok
20:05:25.0203 2992  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:05:25.0203 2992  mshidkmdf - ok
20:05:25.0203 2992  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
20:05:25.0218 2992  mshidumdf - ok
20:05:25.0218 2992  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:05:25.0218 2992  msisadrv - ok
20:05:25.0265 2992  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:05:25.0265 2992  MSiSCSI - ok
20:05:25.0265 2992  msiserver - ok
20:05:25.0281 2992  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:05:25.0281 2992  MSKSSRV - ok
20:05:25.0281 2992  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
20:05:25.0296 2992  MsLldp - ok
20:05:25.0312 2992  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:05:25.0312 2992  MSPCLOCK - ok
20:05:25.0332 2992  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:05:25.0332 2992  MSPQM - ok
20:05:25.0348 2992  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:05:25.0364 2992  MsRPC - ok
20:05:25.0379 2992  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
20:05:25.0379 2992  mssmbios - ok
20:05:25.0395 2992  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:05:25.0395 2992  MSTEE - ok
20:05:25.0395 2992  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
20:05:25.0395 2992  MTConfig - ok
20:05:25.0410 2992  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:05:25.0410 2992  Mup - ok
20:05:25.0410 2992  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
20:05:25.0410 2992  mvumis - ok
20:05:25.0457 2992  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
20:05:25.0457 2992  napagent - ok
20:05:25.0489 2992  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:05:25.0489 2992  NativeWifiP - ok
20:05:25.0536 2992  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
20:05:25.0536 2992  NcaSvc - ok
20:05:25.0551 2992  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
20:05:25.0551 2992  NcdAutoSetup - ok
20:05:25.0598 2992  [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:05:25.0629 2992  NDIS - ok
20:05:25.0645 2992  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:05:25.0645 2992  NdisCap - ok
20:05:25.0645 2992  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:05:25.0660 2992  NdisImPlatform - ok
20:05:25.0723 2992  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:05:25.0723 2992  NdisTapi - ok
20:05:25.0739 2992  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:05:25.0739 2992  Ndisuio - ok
20:05:25.0754 2992  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:05:25.0754 2992  NdisWan - ok
20:05:25.0754 2992  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
20:05:25.0770 2992  NDISWANLEGACY - ok
20:05:25.0801 2992  [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:05:25.0801 2992  NDProxy - ok
20:05:25.0801 2992  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
20:05:25.0801 2992  Ndu - ok
20:05:25.0817 2992  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:05:25.0832 2992  NetBIOS - ok
20:05:25.0832 2992  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:05:25.0879 2992  NetBT - ok
20:05:25.0895 2992  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
20:05:25.0895 2992  Netlogon - ok
20:05:25.0942 2992  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
20:05:25.0942 2992  Netman - ok
20:05:25.0989 2992  [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm        C:\Windows\System32\netprofmsvc.dll
20:05:26.0004 2992  netprofm - ok
20:05:26.0161 2992  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:05:26.0207 2992  NetTcpPortSharing - ok
20:05:26.0395 2992  [ 3E867077C0CF367FF8FCAEC64947393E ] NetworkSupport  C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
20:05:26.0473 2992  NetworkSupport - ok
20:05:26.0504 2992  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:05:26.0520 2992  nfrd960 - ok
20:05:26.0551 2992  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:05:26.0567 2992  NlaSvc - ok
20:05:26.0567 2992  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:05:26.0567 2992  Npfs - ok
20:05:26.0582 2992  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
20:05:26.0598 2992  npsvctrig - ok
20:05:26.0629 2992  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
20:05:26.0629 2992  nsi - ok
20:05:26.0629 2992  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:05:26.0645 2992  nsiproxy - ok
20:05:26.0723 2992  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:05:26.0770 2992  Ntfs - ok
20:05:26.0770 2992  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
20:05:26.0770 2992  Null - ok
20:05:27.0036 2992  [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:05:27.0411 2992  nvlddmkm - ok
20:05:27.0411 2992  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:05:27.0426 2992  nvraid - ok
20:05:27.0426 2992  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:05:27.0426 2992  nvstor - ok
20:05:27.0426 2992  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:05:27.0442 2992  nv_agp - ok
20:05:27.0598 2992  [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:05:27.0630 2992  odserv - ok
20:05:27.0661 2992  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:05:27.0676 2992  ose - ok
20:05:27.0723 2992  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:05:27.0723 2992  p2pimsvc - ok
20:05:27.0770 2992  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:05:27.0786 2992  p2psvc - ok
20:05:27.0786 2992  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
20:05:27.0786 2992  Parport - ok
20:05:27.0833 2992  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:05:27.0833 2992  partmgr - ok
20:05:27.0864 2992  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:05:27.0880 2992  PcaSvc - ok
20:05:27.0895 2992  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
20:05:27.0911 2992  pci - ok
20:05:27.0911 2992  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:05:27.0911 2992  pciide - ok
20:05:27.0926 2992  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:05:27.0926 2992  pcmcia - ok
20:05:27.0942 2992  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:05:27.0942 2992  pcw - ok
20:05:27.0973 2992  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\Windows\system32\drivers\pdc.sys
20:05:27.0973 2992  pdc - ok
20:05:28.0005 2992  [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:05:28.0020 2992  PEAUTH - ok
20:05:28.0364 2992  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:05:28.0364 2992  PerfHost - ok
20:05:28.0427 2992  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
20:05:28.0489 2992  pla - ok
20:05:28.0536 2992  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:05:28.0552 2992  PlugPlay - ok
20:05:28.0723 2992  [ 0554C64486399581EC5686CCBB975DFE ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
20:05:28.0755 2992  PMBDeviceInfoProvider - ok
20:05:28.0770 2992  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:05:28.0770 2992  PNRPAutoReg - ok
20:05:28.0802 2992  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:05:28.0817 2992  PNRPsvc - ok
20:05:28.0864 2992  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:05:28.0880 2992  PolicyAgent - ok
20:05:28.0911 2992  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
20:05:28.0911 2992  Power - ok
20:05:28.0958 2992  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:05:28.0973 2992  PptpMiniport - ok
20:05:29.0130 2992  [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
20:05:29.0270 2992  PrintNotify - ok
20:05:29.0302 2992  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
20:05:29.0317 2992  Processor - ok
20:05:29.0348 2992  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
20:05:29.0364 2992  ProfSvc - ok
20:05:29.0380 2992  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:05:29.0380 2992  Psched - ok
20:05:29.0411 2992  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
20:05:29.0411 2992  QWAVE - ok
20:05:29.0458 2992  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:05:29.0473 2992  QWAVEdrv - ok
20:05:29.0473 2992  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:05:29.0473 2992  RasAcd - ok
20:05:29.0520 2992  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:05:29.0520 2992  RasAgileVpn - ok
20:05:29.0552 2992  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
20:05:29.0552 2992  RasAuto - ok
20:05:29.0567 2992  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:05:29.0567 2992  Rasl2tp - ok
20:05:29.0598 2992  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
20:05:29.0598 2992  RasMan - ok
20:05:29.0614 2992  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:05:29.0615 2992  RasPppoe - ok
20:05:29.0615 2992  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:05:29.0615 2992  RasSstp - ok
20:05:29.0646 2992  [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:05:29.0662 2992  rdbss - ok
20:05:29.0678 2992  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
20:05:29.0678 2992  rdpbus - ok
20:05:29.0693 2992  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:05:29.0693 2992  RDPDR - ok
20:05:39.0573 2992  ================ Scan global ===============================
20:05:39.0620 2992  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
20:05:39.0667 2992  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
20:05:39.0698 2992  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
20:05:39.0745 2992  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
20:05:39.0760 2992  [Global] - ok
20:05:39.0760 2992  ================ Scan MBR ==================================
20:05:39.0776 2992  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:05:39.0792 2992  \Device\Harddisk0\DR0 - ok
20:05:39.0792 2992  ================ Scan VBR ==================================
20:05:39.0792 2992  [ 6F2E1747103AA17916908AC252569DBB ] \Device\Harddisk0\DR0\Partition1
20:05:39.0792 2992  \Device\Harddisk0\DR0\Partition1 - ok
20:05:39.0854 2992  [ 0F5156587C21A08756725E2F1C960B86 ] \Device\Harddisk0\DR0\Partition2
20:05:39.0854 2992  \Device\Harddisk0\DR0\Partition2 - ok
20:05:39.0870 2992  [ E2C78C1F702A78F6623D1FCC227C777F ] \Device\Harddisk0\DR0\Partition3
20:05:39.0870 2992  \Device\Harddisk0\DR0\Partition3 - ok
20:05:39.0885 2992  [ CA139E4C6472338501A1B6ACD959D7E8 ] \Device\Harddisk0\DR0\Partition4
20:05:39.0885 2992  \Device\Harddisk0\DR0\Partition4 - ok
20:05:39.0901 2992  [ 950DE42FFCC79D95A0DAC99BCBB84925 ] \Device\Harddisk0\DR0\Partition5
20:05:39.0901 2992  \Device\Harddisk0\DR0\Partition5 - ok
20:05:39.0932 2992  [ BD14510FB0217DB719BA5166650CBB12 ] \Device\Harddisk0\DR0\Partition6
20:05:39.0932 2992  \Device\Harddisk0\DR0\Partition6 - ok
20:05:39.0932 2992  ============================================================
20:05:39.0932 2992  Scan finished
20:05:39.0932 2992  ============================================================
20:05:39.0932 3908  Detected object count: 0
20:05:39.0932 3908  Actual detected object count: 0
         

09.05.2013, 20:58   #10
cosinus

JRT - Junkware Removal Tool

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Afterwards:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click "Optionen" (Options) and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click "Suchlauf" (Scan) and wait until it has finished.
  • Now click "Löschen" (Delete) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick "Scanne alle Benutzer" (Scan All Users)
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.

10.05.2013, 17:26   #11
janek911

JRT Log:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by Marko on 10.05.2013 at 17:54:32,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] "C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi" 
Successfully deleted: [Folder] C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\crossriderapp16150@crossrider.com
Successfully deleted the following from C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\prefs.js

user_pref("extensions.crossrider.bic", "13e7f245b63f8f77f8e6b9d38e3270ac");
user_pref("extensions.crossriderapp16150.16150.InstallationThankYouPage", false);
user_pref("extensions.crossriderapp16150.16150.InstallationTime", 1367932643);
user_pref("extensions.crossriderapp16150.16150.InstallationUserSettings.searchUserConifrmation", false);
user_pref("extensions.crossriderapp16150.16150.InstallationUserSettings.setHomepage", false);
user_pref("extensions.crossriderapp16150.16150.InstallationUserSettings.setNewTab", false);
user_pref("extensions.crossriderapp16150.16150.InstallationUserSettings.setSearch", false);
user_pref("extensions.crossriderapp16150.16150.active", true);
user_pref("extensions.crossriderapp16150.16150.addressbar", "");
user_pref("extensions.crossriderapp16150.16150.addressbarenhanced", "");
user_pref("extensions.crossriderapp16150.16150.backgroundjs", "\n\n/************************************************************************************\n  This is your backgr
user_pref("extensions.crossriderapp16150.16150.backgroundver", 7);
user_pref("extensions.crossriderapp16150.16150.can_run_bg_code", true);
user_pref("extensions.crossriderapp16150.16150.certdomaininstaller", "");
user_pref("extensions.crossriderapp16150.16150.changeprevious", false);
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app16150%22%3A%22app16150%22%2C%22DE%22%3A%22DE%22%7
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_css.expiration", "Sat May 11 2013 17:50:16 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_css.value", "%22.%25CSSClass%25%20%7B%5Cn%5Ctdisplay%3Anone%3B%5Cn%7D%5Cn%5Cn.%25CSSClass%25-top-left%
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_geolocation.expiration", "Tue May 14 2013 15:18:21 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_geolocation.value", "%22DE%22");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_metadata.expiration", "Sat May 11 2013 17:50:16 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A16150%2C%22appName%22%3A%22DKB-Cashback%22%2C%22lastMessageId%22%3A
user_pref("extensions.crossriderapp16150.16150.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.cookie.InstallationTime.value", "1367932643");
user_pref("extensions.crossriderapp16150.16150.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.cookie.apicalledflag.expiration", "Fri May 10 2013 18:50:13 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.cookie.apicalledflag.value", "1");
user_pref("extensions.crossriderapp16150.16150.description", "Mit der DKB-Cashback Erweiterung finden Sie schnell und einfach alle Online-Cashbacks. Somit verpassen Sie keinen
user_pref("extensions.crossriderapp16150.16150.domain", "");
user_pref("extensions.crossriderapp16150.16150.enablesearch", false);
user_pref("extensions.crossriderapp16150.16150.fbremoteurl", "");
user_pref("extensions.crossriderapp16150.16150.group", 0);
user_pref("extensions.crossriderapp16150.16150.homepage", "");
user_pref("extensions.crossriderapp16150.16150.iframe", false);
user_pref("extensions.crossriderapp16150.16150.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22D85F7D9FA8F44583A014AD7A2EECBCCDIE%22%2C%22installer_verifi
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_appVer.value", "39");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_lastVersion.value", "44");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_meta.value", "%7B%22jquery.js%22%3A%7B%22id%22%3A52772%2C%22ver%22%3A44%2C%22status%22%3A1%2C%22name%22%3A%
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_nextCheck.expiration", "Fri May 10 2013 23:50:12 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52772.expiration", "Thu Aug 08 2013 17:52:58 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52772.value", "%22/*%21%20jQuery%20v1.8.2%20jquery.com%20%7C%20jquery.org/license%20*/%5Cr%5Cn%28f
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52773.expiration", "Mon Aug 05 2013 15:18:13 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52773.value", "%22.bottomtxt%5Cn%7B%5Cncolor%3A%23ffffff%20%21important%3B%5Cnmargin-top%3A5px%20%
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52774.expiration", "Thu Aug 08 2013 17:52:58 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52774.value", "%22/*%21%5Cr%5Cn%20*%20jQuery%20blockUI%20plugin%5Cr%5Cn%20*%20Version%202.45%20%28
user_pref("extensions.crossriderapp16150.16150.js", "\n\n  /************************************************************************************\n  This is your Page Code. The
user_pref("extensions.crossriderapp16150.16150.manifesturl", "");
user_pref("extensions.crossriderapp16150.16150.name", "DKB-Cashback");
user_pref("extensions.crossriderapp16150.16150.newtab", "");
user_pref("extensions.crossriderapp16150.16150.opensearch", "");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return ap
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_1.name", "base");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_1.ver", 6);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelect
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_13.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_14.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_16.name", "FFAppAPIWrapper");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_16.ver", 7);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n 
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_17.name", "jQuery");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_17.ver", 4);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.d
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_21.name", "debug");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_21.ver", 4);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b);}};appAPI.ready=fun
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_22.name", "resources");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_22.ver", 4);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferre
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_28.name", "initializer");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_28.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"unde
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_4.name", "jquery_1_7_1");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_4.ver", 4);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_47.name", "resources_background");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_47.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_5.code", "(function(f){f.ui=f.ui||{};var e=/left|center|right/,d=/top|center|bottom/,b=f.fn.position,a=f.fn.offse
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_5.name", "notifications");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_5.ver", 5);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);}
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_64.name", "appApiMessage");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_64.ver", 2);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_7.code", "appAPI.hooks={$:$jquery_171,hooks:{},addHook:function(a,b){this.hooks[a]=b;},removeHook:function(a){del
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_7.name", "hooks");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_7.ver", 2);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_72.name", "appApiValidation");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_72.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAge
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_78.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searchEngine\",(function(a){return function(){var f={keyDelay:1000},e,h;return{i
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_9.name", "search_engine_hook");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_9.ver", 2);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===t
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_98.name", "omniCommands");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_98.ver", 2);
user_pref("extensions.crossriderapp16150.16150.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98");
user_pref("extensions.crossriderapp16150.16150.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,7,98,9,5,28");
user_pref("extensions.crossriderapp16150.16150.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/16150/plugins/086/ff/plugins.json");
user_pref("extensions.crossriderapp16150.16150.pluginsversion", 26);
user_pref("extensions.crossriderapp16150.16150.publisher", "dkbbrowserextension");
user_pref("extensions.crossriderapp16150.16150.searchstatus", 0);
user_pref("extensions.crossriderapp16150.16150.setnewtab", false);
user_pref("extensions.crossriderapp16150.16150.settingsurl", "");
user_pref("extensions.crossriderapp16150.16150.thankyou", "");
user_pref("extensions.crossriderapp16150.16150.updateinterval", 360);
user_pref("extensions.crossriderapp16150.16150.ver", 39);
user_pref("extensions.crossriderapp16150.adsOldValue", -1);
user_pref("extensions.crossriderapp16150.apps", "16150");
user_pref("extensions.crossriderapp16150.bic", "13e7f245b63f8f77f8e6b9d38e3270ac");
user_pref("extensions.crossriderapp16150.cid", 16150);
user_pref("extensions.crossriderapp16150.firstrun", false);
user_pref("extensions.crossriderapp16150.hadappinstalled", true);
user_pref("extensions.crossriderapp16150.installationdate", 1367932689);
user_pref("extensions.crossriderapp16150.lastcheck", 22803350);
user_pref("extensions.crossriderapp16150.lastcheckitem", 22803353);
user_pref("extensions.crossriderapp16150.modetype", "production");
user_pref("extensions.crossriderapp16150.reportInstall", true);
user_pref("extensions.crossriderapp16150.statsDailyCounter", 7);
Emptied folder: C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\minidumps [86 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.05.2013 at 17:59:24,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

AdwCleaner before deletion:

Code:
# AdwCleaner v2.300 - Datei am 10/05/2013 um 18:02:35 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Marko - MARCO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marko\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\qphsui79.default\prefs.js

Gefunden : user_pref("extensions.crossriderapp16150.16150.backgroundjs", "\n\n/********************************[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52772.value", "%22/*%21[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52774.value", "%22/*%21[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.js", "\n\n  /****************************************[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_7.code", "appAPI.hooks={$:$jquery_171,[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searc[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_98.code", "(function(){var b=\"cr_\"+a[...]

-\\ Google Chrome v26.0.1410.64

Datei : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2819 octets] - [10/05/2013 18:00:22]
AdwCleaner[R2].txt - [2632 octets] - [10/05/2013 18:02:35]
AdwCleaner[S1].txt - [303 octets] - [10/05/2013 18:01:37]

########## EOF - C:\AdwCleaner[R2].txt - [2751 octets] ##########
         
AdwCleaner after deletion:

Code:
# AdwCleaner v2.300 - Datei am 10/05/2013 um 18:21:14 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Marko - MARCO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marko\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\qphsui79.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v26.0.1410.64

Datei : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2819 octets] - [10/05/2013 18:00:22]
AdwCleaner[R2].txt - [2820 octets] - [10/05/2013 18:02:35]
AdwCleaner[R3].txt - [1210 octets] - [10/05/2013 18:07:41]
AdwCleaner[R4].txt - [1023 octets] - [10/05/2013 18:21:14]
AdwCleaner[S1].txt - [303 octets] - [10/05/2013 18:01:37]
AdwCleaner[S2].txt - [2882 octets] - [10/05/2013 18:02:47]

########## EOF - C:\AdwCleaner[R4].txt - [1202 octets] ##########
         

OTL as an attachment (too large)



Extras

Code:
OTL Extras logfile created on: 10.05.2013 18:08:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marko\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 6,62 Gb Available Physical Memory | 83,33% Memory free
12,45 Gb Paging File | 10,98 Gb Available in Paging File | 88,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 429,66 Gb Total Space | 244,24 Gb Free Space | 56,84% Space Free | Partition Type: NTFS
 
Computer Name: MARCO | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- c:\program files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0951D2E1-D74F-48E6-A7CA-A6A3071D3971}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{0A25A8A7-997C-4DC9-8779-BD2AA4F16228}" = dir=out | name=mcafee security advisor for sony | 
"{12A3DC6B-8C9C-4F99-A4BC-542691288871}" = dir=out | name=microsoft minesweeper | 
"{12C4B2C5-0B76-4308-9642-23A404004EA6}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{1A627A81-FCDB-4359-A6B6-EE5F71972348}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{1BCB4F6F-8338-4807-88AD-2369D724CC03}" = dir=out | name=wordament | 
"{1F3345A8-EF4E-47EE-9F47-74B7FD5FB935}" = dir=out | name=vaio message center | 
"{21EEB5F9-1C54-47E8-A301-B801C2E644FC}" = dir=out | name=taptiles | 
"{2A54FEEF-36C0-4459-BFDE-F2AD7FE846A5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{2EF3358C-BF7B-49FD-9BD4-689C18387587}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{32EB4D28-D8E5-4C63-8642-4A43F5D74B69}" = dir=out | name=- games app - | 
"{33FD9A5F-A647-4E92-9A80-479EF503AA89}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{4A593217-4CD8-49BD-86DA-FF46B86305E9}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{5C7B4E84-413B-4A72-A8F5-75C74183C9B9}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{5C8AF4FD-B98B-4224-85C1-1B3C94730DC2}" = dir=out | name=microsoft solitaire collection | 
"{61D5201F-E2BC-4C56-9780-8AC42C6C7659}" = dir=out | name=skype | 
"{6B0C650C-8F1D-4F34-8A55-5233780292C5}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{6C719750-AB40-4387-8286-AD3A4507208F}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{71329C44-C82D-46AF-9FA7-F2058134448F}" = dir=out | name=vaio care | 
"{7691044B-B720-4441-A2C0-F68BF373071B}" = dir=in | name=ebay | 
"{7AB64358-22A3-4E58-8A53-4AD5FD599B39}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{7AE3E803-61A6-4C55-8721-CDC282158265}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{8123139D-77F8-40D0-8AEE-A4B1B604A852}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{819F78F7-5827-422C-B692-A29350B02B02}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{89B8243F-6641-447A-87F3-9A24280870EB}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{8B07ACAA-6F9F-448A-9279-41FB80350F2E}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{95D2A332-8819-4B3A-B4D9-D0F3ED18A653}" = dir=in | name=vaio care | 
"{99E60D6A-6C60-4122-9054-DC335F781C40}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{A8271BF6-986F-468C-BF97-B2401BD857D9}" = dir=out | name=ebay | 
"{B629B822-0D5E-4A4D-934C-FFEA1C10AED2}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{C7EFD2BA-F489-49AB-8A56-10949374A4A2}" = dir=in | name=skype | 
"{DD1B8599-7484-4E3A-90C5-BE70E206BC6E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{ED071BD4-FF56-4DF3-BD0E-0DD5900AA358}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{ED404449-B544-4C28-9600-F8FF7A2D4D3E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{F27AE307-315A-4504-85D2-4FDCC29F6F7A}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{FDBFAC30-24D7-4D3B-A5F1-F2A2B181A824}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{563F8449-4B3A-97E2-7A81-4F759B839A24}" = ccc-utility64
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AF091FA7-20BF-49D4-4C98-4E4AD04D6FB3}" = AMD Catalyst Install Manager
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{E0F928B4-2BB2-4D7E-B16E-2B202CB58EDE}" = VAIO Care
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Bitdefender" = Bitdefender Total Security 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{213A3194-8823-AF6B-C337-7F30BFDF6E24}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316417DF-A8D7-7205-62E1-936888623793}" = CCC Help Finnish
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F2023E0-E239-2949-FE8F-109AE94F6FEE}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D189642-1AEE-FF5C-C22B-C475E8F5277E}" = CCC Help Czech
"{51A80EB0-B405-11E1-9C1E-005056C00008}" = SCS Shortcut
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59CBE755-0DB7-6D38-7844-D3F64C02C276}" = CCC Help French
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{628B0EA5-5DDA-8B14-564C-4118AD6BB510}" = CCC Help Chinese Standard
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6422F3DE-C1B3-D119-CD48-2C5DC279848F}" = CCC Help Norwegian
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6E9E809C-11A1-8200-EC5C-11F6BF9AF20A}" = CCC Help German
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7F6E0234-231C-49C5-AB31-6BAB49E3C3A4}" = Catalyst Control Center - Branding
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{97104137-F5C1-2942-D133-7C2270A86522}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC49216-ACA9-20FA-E3B9-0086E068A54E}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A5FBFE07-B781-EFFB-35DF-257FF747FA31}" = CCC Help Russian
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{AD987AA5-9763-8B69-8DB3-7F89C4FE1E8A}" = CCC Help Hungarian
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B27588E3-A374-CC37-B0C1-3CB424620019}" = CCC Help Turkish
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B8D91D32-0820-4D76-8D95-2EB69392BA08}" = CCC Help Portuguese
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C37139BF-04DB-DF3C-19A4-99A5516C1507}" = CCC Help Chinese Traditional
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{CA17221C-586B-89E0-66CB-DA5C050BFB22}" = Catalyst Control Center Localization All
"{CD650B6A-FE79-40E0-A069-299CF6575E6B}" = XperiaLinkx86
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D8B63B13-8508-596F-8160-ACEA2FA39FA5}" = Catalyst Control Center Graphics Previews Common
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{D96F904B-1145-83E2-09B3-12153541EAF7}" = CCC Help Dutch
"{E5D82C0C-4AD7-5CC5-942C-72B749EFEE0D}" = CCC Help Korean
"{E64E9130-B2DD-3124-07BD-B767D51FDB8A}" = CCC Help Thai
"{E8597443-184D-4531-EEAE-211698F90205}" = CCC Help Danish
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EF0ACDFD-39CB-396F-1F23-EC861885DA29}" = CCC Help Polish
"{EFFEE375-EC29-15A3-5DB0-41658D9BB10C}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D2A254-F2AE-EDE4-3CD2-AD8BDCC0B255}" = CCC Help Swedish
"{F7F163E1-4BF4-E56B-E400-B97D362E17CC}" = Catalyst Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FC520B48-BFFC-A91F-64D5-213EFD759783}" = CCC Help Greek
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Google Chrome" = Google Chrome
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Intel AppUp(SM) center 38645" = Intel AppUp(SM) center
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROPLUS" = Microsoft Office Professional Plus 2007
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WTA-29194baf-f808-40ae-85e9-d2a0b0a671ce" = Heroes of Hellas 3: Athens
"WTA-3d6d0e0d-e6f5-4a20-bd8f-ff96237cd21d" = Aloha TriPeaks
"WTA-4305f2ba-da0c-4af1-9a51-5120603176a0" = Bejeweled 3
"WTA-4b7ff52f-35ca-4171-afeb-b3693a5fe53a" = Build-a-lot: On Vacation
"WTA-4d5621fd-3efc-4e71-87f6-146b24886ccb" = Plants vs. Zombies - Game of the Year
"WTA-5ae0529a-0a0a-4ff6-a9c1-6829d451afbb" = Chronicles of Albian
"WTA-745daa78-3d4d-4fd9-9341-89ad31f7f4f8" = FATE
"WTA-7dca1ce8-30cc-4ea0-91ac-0006f5790c23" = Chuzzle Deluxe
"WTA-8b05834c-d76c-4616-aae4-6ee815dd71b1" = Mystery P.I. - The London Caper
"WTA-a15f03f9-59d7-4b8e-a452-a30a6a21eac5" = Agatha Christie - Death on the Nile
"WTA-ad029ab8-73a6-4eaf-91b3-57cab26d54ce" = Cradle Of Egypt Collector's Edition
"WTA-bb11e983-9950-4822-8b16-0d06caf9721f" = Mystery of Mortlake Mansion
"WTA-cd7e4db8-39e4-486a-be09-9802da3e4436" = Luxor HD
"WTA-e142876c-4f8e-4ade-a250-8a3d89d0b950" = Mahjongg Artifacts
"WTA-f4bbbd58-2f45-4805-a267-d87e17c613b8" = Polar Bowler
"WTA-f96b33fa-0683-47e2-9476-9d6767b357c4" = Virtual Villagers 4 - The Tree of Life
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 10.05.2013 12:05:00 | Computer Name = Marco | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Content Filter" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 10.05.2013 12:10:44 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         

10.05.2013, 19:40   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Code:
Scan Mode: Current user
         
You forgot to tick the box for Scan All Users! Please create the log again properly.

10.05.2013, 20:37   #13
janek911
 

Sorry, my mistake.

OTL

Code:
OTL logfile created on: 10.05.2013 21:23:43 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marko\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 6,57 Gb Available Physical Memory | 82,69% Memory free
12,45 Gb Paging File | 10,41 Gb Available in Paging File | 83,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 429,66 Gb Total Space | 243,94 Gb Free Space | 56,77% Space Free | Partition Type: NTFS
 
Computer Name: MARCO | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Marko\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\vesmgrsub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\isbmgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe ()
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\pmbvolumewatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Sony\VAIO Care\listener.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (mfeicfcoreocp) -- C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe File not found
SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe ()
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (MozillaMaintenance) -- c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (NetworkSupport) -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (SafeBox) -- C:\Programme\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Bitdefender)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avckf) -- C:\Windows\SysNative\Drivers\avckf.sys (BitDefender)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\Drivers\avc3.sys (BitDefender)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\Drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\Drivers\avchv.sys (BitDefender)
DRV:64bit: - (trufos) -- C:\Windows\SysNative\Drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (gzflt) -- C:\Windows\SysNative\Drivers\gzflt.sys (BitDefender LLC)
DRV:64bit: - (BDVEDISK) -- C:\Windows\SysNative\Drivers\bdvedisk.sys (BitDefender)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_VDP) -- C:\Windows\SysNative\Drivers\btath_vdp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\Drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\Drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (bdelam) -- C:\Windows\SysNative\Drivers\bdelam.sys (Bitdefender)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\Drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\Drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\Drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\Drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\Drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (SOWS) -- C:\Windows\SysNative\Drivers\sows.sys (Sony Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\Drivers\e1y60x64.sys (Intel Corporation)
DRV - (BdfNdisf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.diesiedleronline.de/de
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes,DefaultScope = {3A787D19-3A91-49A9-A57D-E51FA6C5FD26}
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{3A787D19-3A91-49A9-A57D-E51FA6C5FD26}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{BC7C2E91-EF4A-46D5-88C3-83657E71D1CB}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.mydealz.de/"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..network.proxy.autoconfig_url: "https://secure.premiumize.me/aebe55ce14110e7eaa033cfa2e2f22e3/proxy.pac"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.05.09 15:13:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.09 15:28:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.09 15:29:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.05.09 15:13:41 | 000,000,000 | ---D | M]
 
[2013.05.09 15:25:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions
[2013.02.09 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.05.10 17:58:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions
[2013.05.09 15:26:13 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions\foxmarks@kei.com
[2013.05.08 20:27:10 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.09 15:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://sony13.msn.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.6 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Drive = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1894D1E-4985-41E1-A93F-16481E55A7A1}: NameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.10 17:54:24 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.10 17:54:11 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.10 17:52:37 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Marko\Desktop\JRT.exe
[2013.05.09 20:25:48 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Macromedia
[2013.05.09 20:25:07 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\covers
[2013.05.09 20:24:34 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\logs
[2013.05.09 19:58:52 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Marko\Desktop\tdsskiller.exe
[2013.05.09 19:56:55 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Marko\Desktop\aswMBR.exe
[2013.05.09 17:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.05.09 17:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.05.09 17:23:11 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Google
[2013.05.09 16:33:26 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\WinRAR
[2013.05.09 16:30:35 | 000,692,576 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.09 16:30:35 | 000,078,176 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.09 16:19:28 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice
[2013.05.09 15:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.05.09 15:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013.05.09 15:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013.05.09 15:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.05.09 15:44:54 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.05.09 15:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.05.09 15:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013.05.09 15:41:27 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Microsoft Help
[2013.05.09 15:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.05.09 15:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.05.09 15:38:29 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.05.09 15:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.05.09 15:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.05.09 15:37:28 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\lopoll
[2013.05.09 15:29:30 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Thunderbird
[2013.05.09 15:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.09 15:28:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.05.09 15:28:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.09 15:26:29 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Macromedia
[2013.05.09 15:25:56 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFMediaEngine.dll
[2013.05.09 15:25:56 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFMediaEngine.dll
[2013.05.09 15:25:25 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Mozilla
[2013.05.09 15:24:48 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013.05.09 15:24:47 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.05.09 15:24:47 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.05.09 15:24:47 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013.05.09 15:24:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.05.09 15:24:47 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013.05.09 15:24:47 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.05.09 15:24:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.05.09 15:24:45 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll
[2013.05.09 15:24:45 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013.05.09 15:24:45 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll
[2013.05.09 15:24:44 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2013.05.09 15:24:44 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2013.05.09 15:24:44 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2013.05.09 15:24:44 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll
[2013.05.09 15:24:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll
[2013.05.09 15:24:43 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2013.05.09 15:24:43 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\BCP47Langs.dll
[2013.05.09 15:24:43 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2013.05.09 15:24:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2013.05.09 15:24:42 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.09 15:24:42 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.09 15:24:42 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2013.05.09 15:24:41 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2013.05.09 15:24:41 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2013.05.09 15:24:41 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BCP47Langs.dll
[2013.05.09 15:24:41 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2013.05.09 15:24:41 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2013.05.09 15:24:41 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2013.05.09 15:24:41 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NdisImPlatform.dll
[2013.05.09 15:24:41 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.05.09 15:24:41 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhostex.exe
[2013.05.09 15:24:40 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2013.05.09 15:24:40 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2013.05.09 15:24:40 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll
[2013.05.09 15:24:40 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDPrintProxy.DLL
[2013.05.09 15:24:36 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013.05.09 15:24:36 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013.05.09 15:24:36 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2013.05.09 15:24:36 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2013.05.09 15:24:36 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll
[2013.05.09 15:24:36 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncInfo.dll
[2013.05.09 15:24:35 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll
[2013.05.09 15:24:35 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll
[2013.05.09 15:24:34 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll
[2013.05.09 15:24:34 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TimeBrokerServer.dll
[2013.05.09 15:24:34 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\discan.dll
[2013.05.09 15:24:33 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.05.09 15:24:33 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.05.09 15:24:33 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.05.09 15:24:32 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2013.05.09 15:24:32 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013.05.09 15:24:32 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.05.09 15:24:32 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013.05.09 15:24:32 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.05.09 15:24:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013.05.09 15:24:31 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.05.09 15:24:31 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013.05.09 15:24:31 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys
[2013.05.09 15:24:30 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe
[2013.05.09 15:24:28 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.05.09 15:24:28 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.05.09 15:24:28 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storahci.sys
[2013.05.09 15:24:27 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013.05.09 15:24:27 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys
[2013.05.09 15:24:27 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2013.05.09 15:23:51 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.05.09 15:23:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.09 15:23:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.09 15:23:49 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.09 15:23:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.09 15:23:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.09 15:23:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.09 15:23:42 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.09 15:23:42 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.09 15:23:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.09 15:22:56 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.05.09 15:22:43 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.05.09 15:22:40 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2013.05.09 15:22:15 | 000,000,000 | ---D | C] -- C:\Windows.old
[2013.05.09 15:21:25 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tasklist.exe
[2013.05.09 15:21:25 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskkill.exe
[2013.05.09 15:21:24 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskkill.exe
[2013.05.09 15:21:23 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tasklist.exe
[2013.05.09 15:21:22 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll
[2013.05.09 15:21:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013.05.09 15:21:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmsprep.dll
[2013.05.09 15:21:21 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmproxy.dll
[2013.05.09 15:21:20 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.05.09 15:21:20 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2013.05.09 15:21:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2013.05.09 15:21:19 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2013.05.09 15:21:16 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlroamextension.dll
[2013.05.09 15:21:16 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlroamextension.dll
[2013.05.09 15:21:14 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.Connectivity.dll
[2013.05.09 15:21:14 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hotspotauth.dll
[2013.05.09 15:21:14 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll
[2013.05.09 15:21:13 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll
[2013.05.09 15:21:13 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll
[2013.05.09 15:21:12 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WWanAPI.dll
[2013.05.09 15:21:12 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WWanAPI.dll
[2013.05.09 15:21:08 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2013.05.09 15:21:07 | 013,643,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2013.05.09 15:21:05 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\duser.dll
[2013.05.09 15:21:01 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2013.05.09 15:20:54 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2013.05.09 15:20:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013.05.09 15:20:47 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2013.05.09 15:18:13 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Thunderbird
[2013.05.09 15:17:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.05.09 15:16:36 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll
[2013.05.09 15:16:36 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2013.05.09 15:16:36 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2013.05.09 15:15:53 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2013.05.09 15:15:52 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncbservice.dll
[2013.05.09 15:15:52 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2013.05.09 15:15:52 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2013.05.09 15:15:52 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhapi.dll
[2013.05.09 15:15:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxp.dll
[2013.05.09 15:15:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\keepaliveprovider.dll
[2013.05.09 15:15:51 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2013.05.09 15:15:51 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL
[2013.05.09 15:15:51 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2013.05.09 15:15:51 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll
[2013.05.09 15:15:51 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll
[2013.05.09 15:15:51 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2013.05.09 15:15:51 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2013.05.09 15:15:50 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll
[2013.05.09 15:15:50 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll
[2013.05.09 15:15:50 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaacmgr.exe
[2013.05.09 15:15:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaacmgr.exe
[2013.05.09 15:15:49 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidsvc.dll
[2013.05.09 15:15:48 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2013.05.09 15:15:45 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2013.05.09 15:15:45 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.09 15:15:44 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013.05.09 15:15:44 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll
[2013.05.09 15:15:44 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpiowin32.sys
[2013.05.09 15:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2013.05.09 15:14:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.05.09 15:14:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.05.09 15:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013.05.09 15:13:48 | 000,023,456 | ---- | C] (Bitdefender) -- C:\Windows\SysNative\drivers\bdelam.sys
[2013.05.09 15:13:45 | 000,078,752 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013.05.09 15:13:40 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2013.05.09 15:13:40 | 000,098,768 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\bdfndisf6.sys
[2013.05.09 15:13:40 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2013.05.09 15:13:36 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013.05.09 15:13:36 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2013.05.09 15:13:35 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013.05.09 15:13:09 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2013.05.09 15:11:40 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll
[2013.05.09 15:11:40 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll
[2013.05.09 15:11:09 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Bitdefender
[2013.05.09 15:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013.05.09 15:10:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptsslp.dll
[2013.05.09 15:10:38 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptsslp.dll
[2013.05.09 15:10:04 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WebcamUi.dll
[2013.05.09 15:10:04 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserLanguagesCpl.dll
[2013.05.09 15:10:04 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserLanguagesCpl.dll
[2013.05.09 15:10:03 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Taskmgr.exe
[2013.05.09 15:10:03 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WebcamUi.dll
[2013.05.09 15:10:02 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\storagewmi.dll
[2013.05.09 15:10:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vds_ps.dll
[2013.05.09 15:10:00 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013.05.09 15:10:00 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013.05.09 15:10:00 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013.05.09 15:09:59 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013.05.09 15:09:58 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Taskmgr.exe
[2013.05.09 15:09:57 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storagewmi.dll
[2013.05.09 15:09:57 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2013.05.09 15:09:57 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vds_ps.dll
[2013.05.09 15:09:57 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsldr.exe
[2013.05.09 15:09:56 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.05.09 15:09:53 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpnapps.dll
[2013.05.09 15:09:53 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpnapps.dll
[2013.05.09 15:09:48 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.05.09 15:09:48 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.05.09 15:09:42 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthhfHid.sys
[2013.05.09 15:09:42 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BtaMPM.sys
[2013.05.09 15:08:12 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2013.05.09 15:08:11 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2013.05.09 15:08:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDKURD.DLL
[2013.05.09 15:08:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDKURD.DLL
[2013.05.09 15:08:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidi2c.sys
[2013.05.09 15:07:01 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\QuickScan
[2013.05.09 15:06:29 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2013.05.09 15:06:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.05.09 15:06:28 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2013.05.09 15:06:28 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2013.05.09 15:06:28 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
[2013.05.09 15:06:28 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.05.09 15:05:58 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2013.05.09 15:05:58 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2013.05.09 15:05:39 | 000,147,232 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013.05.09 15:05:38 | 000,350,160 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013.05.09 15:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013.05.09 15:05:26 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resetengmig.dll
[2013.05.09 15:05:26 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysreset.exe
[2013.05.09 15:04:56 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Mozilla
[2013.05.09 15:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.05.09 15:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013.05.09 15:04:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2013.05.09 15:04:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013.05.09 15:03:25 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wushareduxresources.dll
[2013.05.09 15:03:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2013.05.09 15:03:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaext.dll
[2013.05.09 15:03:15 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\glcndFilter.dll
[2013.05.09 15:03:15 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\glcndFilter.dll
[2013.05.09 15:03:14 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2013.05.09 15:03:14 | 000,490,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2013.05.09 15:03:14 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2013.05.09 15:03:14 | 000,447,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2013.05.09 15:03:14 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2013.05.09 15:03:14 | 000,253,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2013.05.09 15:03:14 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2013.05.09 15:03:12 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2013.05.09 15:03:12 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2013.05.09 15:03:11 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe
[2013.05.09 15:03:08 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2013.05.09 15:03:06 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2013.05.09 15:03:06 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2013.05.09 15:03:06 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013.05.09 15:03:04 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2013.05.09 15:03:03 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2013.05.09 15:03:03 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFCaptureEngine.dll
[2013.05.09 15:03:03 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFCaptureEngine.dll
[2013.05.09 15:03:02 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2013.05.09 15:03:02 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll
[2013.05.09 15:03:02 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2013.05.09 15:03:02 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2013.05.09 15:03:02 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll
[2013.05.09 15:03:02 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2013.05.09 15:03:02 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll
[2013.05.09 15:03:02 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2013.05.09 15:03:02 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnApi.dll
[2013.05.09 15:03:02 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafWCN.dll
[2013.05.09 15:03:02 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2013.05.09 15:03:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnApi.dll
[2013.05.09 15:03:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfdprov.dll
[2013.05.09 15:03:02 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapPeerProxy.dll
[2013.05.09 15:03:02 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapAuthProxy.dll
[2013.05.09 15:03:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfdprov.dll
[2013.05.09 15:03:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll
[2013.05.09 15:03:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll
[2013.05.09 15:02:58 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2013.05.09 15:02:54 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.05.09 15:02:51 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fxppm.sys
[2013.05.09 15:02:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2013.05.09 14:59:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll
[2013.05.09 14:59:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2013.05.09 14:59:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll
[2013.05.09 14:59:19 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2013.05.09 14:58:11 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmpeg2srcsnk.dll
[2013.05.09 14:58:10 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfnetcore.dll
[2013.05.09 14:58:10 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmpeg2srcsnk.dll
[2013.05.09 14:58:10 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfnetcore.dll
[2013.05.09 14:58:09 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfnetsrc.dll
[2013.05.09 14:58:09 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfnetsrc.dll
[2013.05.09 14:56:34 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013.05.09 14:56:31 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013.05.09 14:56:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll
[2013.05.09 14:56:25 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appserverai.dll
[2013.05.09 14:56:25 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDWebAI.dll
[2013.05.09 14:56:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmHostAI.dll
[2013.05.09 14:52:11 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Immersive.dll
[2013.05.09 14:52:10 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Immersive.dll
[2013.05.09 14:52:07 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxSip.dll
[2013.05.09 14:52:07 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxSip.dll
[2013.05.09 14:52:06 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013.05.09 14:52:06 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013.05.09 14:52:06 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2013.05.09 14:52:06 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2013.05.09 14:52:05 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll
[2013.05.09 14:52:05 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll
[2013.05.09 14:52:03 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallAPI.dll
[2013.05.09 14:52:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icfupgd.dll
[2013.05.09 14:52:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfapigp.dll
[2013.05.09 14:52:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfapigp.dll
[2013.05.09 14:52:02 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013.05.09 14:52:02 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013.05.09 14:52:02 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013.05.09 14:52:02 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013.05.09 14:52:01 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-pdc.dll
[2013.05.09 14:52:00 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2013.05.09 14:52:00 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PCPKsp.dll
[2013.05.09 14:52:00 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeUISrv.exe
[2013.05.09 14:52:00 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PCPKsp.dll
[2013.05.09 14:51:59 | 003,554,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013.05.09 14:51:59 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013.05.09 14:51:59 | 002,116,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013.05.09 14:51:59 | 001,610,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013.05.09 14:51:59 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013.05.09 14:51:59 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013.05.09 14:51:59 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013.05.09 14:51:59 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013.05.09 14:51:59 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013.05.09 14:51:59 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013.05.09 14:51:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013.05.09 14:51:59 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2013.05.09 14:51:59 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2013.05.09 14:51:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013.05.09 14:51:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013.05.09 14:51:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2013.05.09 14:51:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2013.05.09 14:51:57 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4srcsnk.dll
[2013.05.09 14:51:57 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4srcsnk.dll
[2013.05.09 14:51:50 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013.05.09 14:51:48 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SpaceControl.dll
[2013.05.09 14:51:48 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Storage.Compression.dll
[2013.05.09 14:51:48 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Storage.Compression.dll
[2013.05.09 14:51:48 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys
[2013.05.09 14:51:47 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2013.05.09 14:51:47 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2013.05.09 14:51:43 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2013.05.09 14:51:43 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2013.05.09 14:51:42 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013.05.09 14:51:42 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2013.05.09 14:51:42 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2013.05.09 14:51:40 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.05.09 14:51:40 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2013.05.09 14:51:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdhebl3.dll
[2013.05.09 14:51:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdhebl3.dll
[2013.05.09 14:51:39 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2013.05.09 14:51:38 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013.05.09 14:51:38 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013.05.09 14:51:37 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.05.09 14:51:36 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2013.05.09 14:51:33 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2013.05.09 14:51:33 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll
[2013.05.09 14:51:33 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013.05.09 14:51:33 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013.05.09 14:51:33 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdstor.sys
[2013.05.09 14:51:32 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys
[2013.05.09 14:50:34 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013.05.09 14:50:34 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013.05.09 14:50:34 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnathlp.dll
[2013.05.09 14:50:34 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnathlp.dll
[2013.05.09 14:50:34 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnsvr.exe
[2013.05.09 14:50:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhupnp.dll
[2013.05.09 14:50:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhpast.dll
[2013.05.09 14:50:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhupnp.dll
[2013.05.09 14:50:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhpast.dll
[2013.05.09 14:50:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnlobby.dll
[2013.05.09 14:50:34 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll
[2013.05.09 14:50:34 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnlobby.dll
[2013.05.09 14:50:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll
[2013.05.09 14:50:33 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnsvr.exe
[2013.05.09 14:49:00 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll
[2013.05.09 14:49:00 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll
[2013.05.09 14:48:58 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2013.05.09 14:46:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgentc.exe
[2013.05.09 14:46:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2013.05.09 14:46:15 | 002,893,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.05.09 14:46:15 | 002,400,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.05.09 14:46:10 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.09 14:45:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.09 14:45:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.09 14:44:59 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
[2013.05.09 14:44:59 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ndadmin.exe
[2013.05.09 14:44:58 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2013.05.09 14:44:58 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
[2013.05.09 14:44:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2013.05.09 14:44:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ndadmin.exe
[2013.05.09 14:44:38 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquota.dll
[2013.05.09 14:44:38 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquota.dll
[2013.05.09 14:44:37 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013.05.09 14:44:37 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rfxvmt.dll
[2013.05.09 14:44:37 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013.05.09 14:44:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2013.05.09 14:44:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2013.05.09 14:44:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2013.05.09 14:44:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2013.05.09 14:43:09 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinapi.dll
[2013.05.09 14:43:07 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
[2013.05.09 14:43:07 | 000,480,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2013.05.09 14:43:07 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DAFWSD.dll
[2013.05.09 14:43:07 | 000,027,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\avrt.dll
[2013.05.09 14:43:06 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhcfg.dll
[2013.05.09 14:43:06 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhcat.dll
[2013.05.09 14:43:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhengine.dll
[2013.05.09 14:43:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhmanagew.exe
[2013.05.09 14:43:06 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhshl.dll
[2013.05.09 14:43:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhsvc.dll
[2013.05.09 14:43:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhsrchapi.dll
[2013.05.09 14:43:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhevents.dll
[2013.05.09 14:43:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhsrchph.dll
[2013.05.09 14:43:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhlisten.dll
[2013.05.09 14:43:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhautoplay.dll
[2013.05.09 14:43:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhcleanup.dll
[2013.05.09 14:43:06 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhsvcctl.dll
[2013.05.09 14:43:05 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhtask.dll
[2013.05.09 14:43:01 | 002,016,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
[2013.05.09 14:43:01 | 002,007,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2013.05.09 14:43:01 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2013.05.09 14:43:01 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2013.05.09 14:43:00 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2013.05.09 14:43:00 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2013.05.09 14:43:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.05.09 14:43:00 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.05.09 14:42:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe
[2013.05.09 14:42:55 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013.05.09 14:42:55 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfctrs.dll
[2013.05.09 14:42:55 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfproc.dll
[2013.05.09 14:42:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfos.dll
[2013.05.09 14:42:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
[2013.05.09 14:42:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfnet.dll
[2013.05.09 14:42:54 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eventcls.dll
[2013.05.09 14:42:53 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe
[2013.05.09 14:42:53 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpremove.exe
[2013.05.09 14:42:53 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LangCleanupSysprepAction.dll
[2013.05.09 14:42:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MUILanguageCleanup.dll
[2013.05.09 14:42:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetupproxyserv.dll
[2013.05.09 14:42:52 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.dll
[2013.05.09 14:42:51 | 001,400,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2013.05.09 14:42:34 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2013.05.09 14:42:34 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe
[2013.05.09 14:42:33 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
[2013.05.09 14:42:33 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2013.05.09 14:42:33 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2013.05.09 14:42:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimeng.dll
[2013.05.09 14:42:32 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfos.dll
[2013.05.09 14:42:32 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-kernel-power-events.dll
[2013.05.09 14:42:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfctrs.dll
[2013.05.09 14:42:32 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfproc.dll
[2013.05.09 14:42:32 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2013.05.09 14:42:32 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfnet.dll
[2013.05.09 14:42:31 | 001,513,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2013.05.09 14:42:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vsstrace.dll
[2013.05.09 14:42:30 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TpmTasks.dll
[2013.05.09 14:42:30 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eventcls.dll
[2013.05.09 14:42:29 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2013.05.09 14:42:29 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2013.05.09 14:42:29 | 000,389,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
[2013.05.09 14:42:29 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapibase.dll
[2013.05.09 14:42:28 | 000,062,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys
[2013.05.09 14:42:23 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpcMon.exe
[2013.05.09 14:42:22 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rascfg.dll
[2013.05.09 14:42:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2013.05.09 14:42:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ndptsp.tsp
[2013.05.09 14:42:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp
[2013.05.09 14:42:22 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kmddsp.tsp
[2013.05.09 14:42:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmxs.dll
[2013.05.09 14:42:22 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasser.dll
[2013.05.09 14:42:21 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rascfg.dll
[2013.05.09 14:42:21 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2013.05.09 14:42:21 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp
[2013.05.09 14:42:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmxs.dll
[2013.05.09 14:42:21 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasser.dll
[2013.05.09 14:42:15 | 001,304,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Streaming.dll
[2013.05.09 14:42:15 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Streaming.dll
[2013.05.09 14:42:12 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsrcsnk.dll
[2013.05.09 14:42:12 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2013.05.09 14:42:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2013.05.09 14:42:11 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfsrcsnk.dll
[2013.05.09 14:42:10 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013.05.09 14:42:10 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfsvr.dll
[2013.05.09 14:42:10 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsvr.dll
[2013.05.09 14:42:10 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvproc.dll
[2013.05.09 14:42:10 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvproc.dll
[2013.05.09 14:42:09 | 014,259,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013.05.09 14:42:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2013.05.09 14:42:08 | 011,875,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013.05.09 14:42:08 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013.05.09 14:42:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2013.05.09 14:42:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2013.05.09 14:42:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2013.05.09 14:42:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2013.05.09 14:42:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2013.05.09 14:42:05 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfh264enc.dll
[2013.05.09 14:42:05 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfh264enc.dll
[2013.05.09 14:41:56 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013.05.09 14:41:55 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\combase.dll
[2013.05.09 14:41:55 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinTypes.dll
[2013.05.09 14:41:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncHost.exe
[2013.05.09 14:41:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncHost.exe
[2013.05.09 14:41:49 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013.05.09 14:41:49 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013.05.09 14:41:48 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\provcore.dll
[2013.05.09 14:41:48 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\provcore.dll
[2013.05.09 14:41:47 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WWAHost.exe
[2013.05.09 14:41:47 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WWAHost.exe
[2013.05.09 14:41:45 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidcredprov.dll
[2013.05.09 14:41:45 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlidcredprov.dll
[2013.05.09 14:41:44 | 001,019,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.dll
[2013.05.09 14:41:44 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsSpellCheckingFacility.dll
[2013.05.09 14:41:44 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpncore.dll
[2013.05.09 14:41:44 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpnprv.dll
[2013.05.09 14:41:44 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bisrv.dll
[2013.05.09 14:41:44 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevPropMgr.dll
[2013.05.09 14:41:44 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psmsrv.dll
[2013.05.09 14:41:43 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ProximityService.dll
[2013.05.09 14:41:42 | 003,964,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2013.05.09 14:41:41 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2013.05.09 14:41:41 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll
[2013.05.09 14:41:41 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll
[2013.05.09 14:41:41 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll
[2013.05.09 14:41:41 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
[2013.05.09 14:41:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PackageStateRoaming.dll
[2013.05.09 14:41:41 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PackageStateRoaming.dll
[2013.05.09 14:41:33 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2013.05.09 14:41:32 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.05.09 14:41:29 | 001,701,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.05.09 14:41:27 | 003,847,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.05.09 14:41:27 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.05.09 14:41:27 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.05.09 14:41:26 | 002,367,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSService.dll
[2013.05.09 14:41:26 | 002,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.05.09 14:41:25 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSClient.dll
[2013.05.09 14:41:25 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSSync.dll
[2013.05.09 14:41:25 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSClient.dll
[2013.05.09 14:41:25 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSSync.dll
[2013.05.09 14:41:21 | 000,120,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys
[2013.05.09 14:41:20 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013.05.09 14:41:20 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.05.09 14:41:19 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013.05.09 14:41:18 | 001,743,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\combase.dll
[2013.05.09 14:41:18 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinTypes.dll
[2013.05.09 14:41:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2013.05.09 14:41:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\svchost.exe
[2013.05.09 14:41:15 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2013.05.09 14:41:13 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013.05.09 14:41:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013.05.09 14:41:11 | 001,825,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.05.09 14:40:55 | 000,488,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013.05.09 14:40:55 | 000,021,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013.05.09 14:40:54 | 000,212,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS
[2013.05.09 14:40:53 | 003,265,256 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys
[2013.05.09 14:40:53 | 000,533,224 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys
[2013.05.09 14:40:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool
[2013.05.09 14:40:03 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.05.09 14:39:57 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Sony Corporation
[2013.05.09 14:39:38 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Power2Go8
[2013.05.09 14:39:13 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\ATI
[2013.05.09 14:39:13 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\ATI
[2013.05.09 14:38:42 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Sony Corporation
[2013.05.09 14:38:25 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\BMExplorer
[2013.05.09 14:38:05 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Atheros
[2013.05.09 14:37:09 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.05.09 14:37:09 | 000,000,000 | R--D | C] -- C:\Users\Marko\Searches
[2013.05.09 14:37:09 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.05.09 14:36:58 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Adobe
[2013.05.09 14:36:42 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013.05.09 14:36:42 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013.05.09 14:36:41 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013.05.09 14:36:41 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013.05.09 14:36:41 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013.05.09 14:36:41 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013.05.09 14:36:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013.05.09 14:36:41 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013.05.09 14:31:35 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\VirtualStore
[2013.05.09 14:31:22 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013.05.09 14:31:22 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013.05.09 14:25:28 | 000,000,000 | --SD | C] -- C:\Users\Marko\AppData\Roaming\Microsoft
[2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\Favorites
[2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\Desktop
[2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Vorlagen
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\AppData\Local\Verlauf
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\AppData\Local\Temporary Internet Files
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Startmenü
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\SendTo
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Recent
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Netzwerkumgebung
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Lokale Einstellungen
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Documents\Eigene Videos
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Documents\Eigene Musik
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Eigene Dateien
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Documents\Eigene Bilder
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Druckumgebung
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Cookies
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\AppData\Local\Anwendungsdaten
[2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Anwendungsdaten
[2013.05.09 14:25:28 | 000,000,000 | -H-D | C] -- C:\Users\Marko\AppData
[2013.05.09 14:25:28 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Temp
[2013.05.09 14:25:28 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Microsoft
[2013.05.09 14:25:28 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.05.08 16:19:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
[2013.05.07 19:33:00 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\mbar
[2013.05.04 13:42:10 | 000,000,000 | ---D | C] -- C:\Users\Marko\Documents\My Recorded Scripts
[2013.05.03 15:19:04 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Neuer Ordner
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.10 21:03:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.10 19:31:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.10 18:25:43 | 000,021,652 | ---- | M] () -- C:\Users\Marko\Desktop\OTL.zip
[2013.05.10 18:10:33 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.10 18:10:33 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.10 18:10:33 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.10 18:10:33 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.10 18:10:32 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.10 18:06:18 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.10 18:04:22 | 000,424,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.10 18:04:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.05.10 18:04:01 | 2532,749,311 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.10 17:53:10 | 000,628,743 | ---- | M] () -- C:\Users\Marko\Desktop\adwcleaner.exe
[2013.05.10 17:52:37 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Marko\Desktop\JRT.exe
[2013.05.09 19:58:57 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Marko\Desktop\tdsskiller.exe
[2013.05.09 19:58:37 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Marko\Desktop\aswMBR.exe
[2013.05.09 19:54:33 | 000,001,030 | ---- | M] () -- C:\Users\Marko\Desktop\Festplatte APM - Verknüpfung.lnk
[2013.05.09 17:27:41 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.05.09 16:30:33 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2013.05.09 15:40:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.05.09 15:29:26 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.05.09 15:28:22 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.09 15:19:46 | 000,600,339 | ---- | M] () -- C:\ProgramData\1368104719.bdinstall.bin
[2013.05.09 15:14:34 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013.05.09 15:14:34 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013.05.09 15:14:34 | 000,000,636 | -H-- | M] () -- C:\bdr-cf01
[2013.05.09 15:14:09 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013.05.09 15:14:09 | 000,002,197 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2013.05.09 15:14:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.05.09 14:37:49 | 000,020,340 | ---- | M] () -- C:\Users\Marko\Desktop\Entfernte Anwendungen.html
[2013.05.09 14:29:48 | 000,020,958 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013.05.09 14:29:47 | 000,020,958 | ---- | M] () -- C:\Windows\diagerr.xml
[2013.05.08 21:52:47 | 002,277,715 | ---- | M] () -- C:\Users\Marko\Desktop\20130508_200557.jpg
[2013.05.08 16:19:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
[2013.05.07 20:04:45 | 000,253,404 | -H-- | M] () -- C:\bdr-ld02
[2013.05.07 20:04:45 | 000,009,216 | -H-- | M] () -- C:\bdr-ld02.mbr
[2013.05.07 20:04:45 | 000,000,638 | -H-- | M] () -- C:\bdr-cf02
[2013.05.07 19:47:30 | 000,377,856 | ---- | M] () -- C:\Users\Marko\Desktop\gmer_2.1.19163.exe
[2013.05.02 19:55:40 | 000,272,870 | ---- | M] () -- C:\Users\Marko\Desktop\hm.oxps
[2013.04.17 14:59:58 | 000,593,144 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013.04.17 14:59:56 | 000,718,840 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013.04.12 17:39:26 | 009,892,886 | ---- | M] () -- C:\Users\Marko\Documents\Laziska-rysunek-planu-XXXVI_238_10-Model.jpg
[2013.04.12 17:19:12 | 038,516,263 | -H-- | M] () -- C:\bdr-im02.gz
 
========== Files Created - No Company Name ==========
 
[2013.05.10 18:25:43 | 000,021,652 | ---- | C] () -- C:\Users\Marko\Desktop\OTL.zip
[2013.05.10 18:04:10 | 000,424,616 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.10 17:53:10 | 000,628,743 | ---- | C] () -- C:\Users\Marko\Desktop\adwcleaner.exe
[2013.05.09 19:54:33 | 000,001,030 | ---- | C] () -- C:\Users\Marko\Desktop\Festplatte APM - Verknüpfung.lnk
[2013.05.09 17:27:41 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.05.09 17:26:36 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.09 17:26:34 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.09 16:30:33 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2013.05.09 15:40:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.05.09 15:29:26 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013.05.09 15:29:26 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.05.09 15:28:22 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.05.09 15:28:22 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.09 15:24:36 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.05.09 15:19:45 | 000,600,339 | ---- | C] () -- C:\ProgramData\1368104719.bdinstall.bin
[2013.05.09 15:14:34 | 000,000,636 | -H-- | C] () -- C:\bdr-cf01
[2013.05.09 15:14:09 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013.05.09 15:14:09 | 000,002,197 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk
[2013.05.09 15:14:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.05.09 15:11:04 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01
[2013.05.09 15:11:04 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013.05.09 15:10:57 | 038,516,263 | -H-- | C] () -- C:\bdr-im01.gz
[2013.05.09 15:10:57 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013.05.09 14:41:25 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2013.05.09 14:41:25 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.05.09 14:37:49 | 000,020,340 | ---- | C] () -- C:\Users\Marko\Desktop\Entfernte Anwendungen.html
[2013.05.09 14:36:58 | 000,001,438 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.05.09 14:36:50 | 000,002,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk
[2013.05.09 14:25:20 | 000,020,958 | ---- | C] () -- C:\Windows\diagwrn.xml
[2013.05.09 14:25:20 | 000,020,958 | ---- | C] () -- C:\Windows\diagerr.xml
[2013.05.08 21:52:46 | 002,277,715 | ---- | C] () -- C:\Users\Marko\Desktop\20130508_200557.jpg
[2013.05.07 19:47:29 | 000,377,856 | ---- | C] () -- C:\Users\Marko\Desktop\gmer_2.1.19163.exe
[2013.05.02 19:55:38 | 000,272,870 | ---- | C] () -- C:\Users\Marko\Desktop\hm.oxps
[2013.04.12 17:39:25 | 009,892,886 | ---- | C] () -- C:\Users\Marko\Documents\Laziska-rysunek-planu-XXXVI_238_10-Model.jpg
[2013.01.17 20:07:07 | 000,010,495 | ---- | C] () -- C:\Users\Marko\Giemza_elster_2048.pfx
[2013.01.07 19:36:11 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2013.01.07 18:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.21 12:02:51 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.08.21 12:02:51 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.08.21 12:02:50 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         

10.05.2013, 20:38   #14
janek911

Payment reminder with attachment handyshop.de



and

Extras

Code:
OTL Extras logfile created on: 10.05.2013 21:23:43 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marko\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 6,57 Gb Available Physical Memory | 82,69% Memory free
12,45 Gb Paging File | 10,41 Gb Available in Paging File | 83,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 429,66 Gb Total Space | 243,94 Gb Free Space | 56,77% Space Free | Partition Type: NTFS
 
Computer Name: MARCO | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- c:\program files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0951D2E1-D74F-48E6-A7CA-A6A3071D3971}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{0A25A8A7-997C-4DC9-8779-BD2AA4F16228}" = dir=out | name=mcafee security advisor for sony | 
"{12A3DC6B-8C9C-4F99-A4BC-542691288871}" = dir=out | name=microsoft minesweeper | 
"{12C4B2C5-0B76-4308-9642-23A404004EA6}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{1A627A81-FCDB-4359-A6B6-EE5F71972348}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{1BCB4F6F-8338-4807-88AD-2369D724CC03}" = dir=out | name=wordament | 
"{1F3345A8-EF4E-47EE-9F47-74B7FD5FB935}" = dir=out | name=vaio message center | 
"{21EEB5F9-1C54-47E8-A301-B801C2E644FC}" = dir=out | name=taptiles | 
"{2A54FEEF-36C0-4459-BFDE-F2AD7FE846A5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{2EF3358C-BF7B-49FD-9BD4-689C18387587}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{32EB4D28-D8E5-4C63-8642-4A43F5D74B69}" = dir=out | name=- games app - | 
"{33FD9A5F-A647-4E92-9A80-479EF503AA89}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{4A593217-4CD8-49BD-86DA-FF46B86305E9}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{5C7B4E84-413B-4A72-A8F5-75C74183C9B9}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{5C8AF4FD-B98B-4224-85C1-1B3C94730DC2}" = dir=out | name=microsoft solitaire collection | 
"{61D5201F-E2BC-4C56-9780-8AC42C6C7659}" = dir=out | name=skype | 
"{6B0C650C-8F1D-4F34-8A55-5233780292C5}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{6C719750-AB40-4387-8286-AD3A4507208F}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{71329C44-C82D-46AF-9FA7-F2058134448F}" = dir=out | name=vaio care | 
"{7691044B-B720-4441-A2C0-F68BF373071B}" = dir=in | name=ebay | 
"{7AB64358-22A3-4E58-8A53-4AD5FD599B39}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{7AE3E803-61A6-4C55-8721-CDC282158265}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{8123139D-77F8-40D0-8AEE-A4B1B604A852}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{819F78F7-5827-422C-B692-A29350B02B02}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{89B8243F-6641-447A-87F3-9A24280870EB}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{8B07ACAA-6F9F-448A-9279-41FB80350F2E}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{95D2A332-8819-4B3A-B4D9-D0F3ED18A653}" = dir=in | name=vaio care | 
"{99E60D6A-6C60-4122-9054-DC335F781C40}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{A8271BF6-986F-468C-BF97-B2401BD857D9}" = dir=out | name=ebay | 
"{B629B822-0D5E-4A4D-934C-FFEA1C10AED2}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{C7EFD2BA-F489-49AB-8A56-10949374A4A2}" = dir=in | name=skype | 
"{DD1B8599-7484-4E3A-90C5-BE70E206BC6E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{ED071BD4-FF56-4DF3-BD0E-0DD5900AA358}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{ED404449-B544-4C28-9600-F8FF7A2D4D3E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{F27AE307-315A-4504-85D2-4FDCC29F6F7A}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{FDBFAC30-24D7-4D3B-A5F1-F2A2B181A824}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{563F8449-4B3A-97E2-7A81-4F759B839A24}" = ccc-utility64
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AF091FA7-20BF-49D4-4C98-4E4AD04D6FB3}" = AMD Catalyst Install Manager
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{E0F928B4-2BB2-4D7E-B16E-2B202CB58EDE}" = VAIO Care
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Bitdefender" = Bitdefender Total Security 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{213A3194-8823-AF6B-C337-7F30BFDF6E24}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316417DF-A8D7-7205-62E1-936888623793}" = CCC Help Finnish
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F2023E0-E239-2949-FE8F-109AE94F6FEE}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D189642-1AEE-FF5C-C22B-C475E8F5277E}" = CCC Help Czech
"{51A80EB0-B405-11E1-9C1E-005056C00008}" = SCS Shortcut
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59CBE755-0DB7-6D38-7844-D3F64C02C276}" = CCC Help French
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{628B0EA5-5DDA-8B14-564C-4118AD6BB510}" = CCC Help Chinese Standard
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6422F3DE-C1B3-D119-CD48-2C5DC279848F}" = CCC Help Norwegian
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6E9E809C-11A1-8200-EC5C-11F6BF9AF20A}" = CCC Help German
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7F6E0234-231C-49C5-AB31-6BAB49E3C3A4}" = Catalyst Control Center - Branding
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{97104137-F5C1-2942-D133-7C2270A86522}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC49216-ACA9-20FA-E3B9-0086E068A54E}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A5FBFE07-B781-EFFB-35DF-257FF747FA31}" = CCC Help Russian
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{AD987AA5-9763-8B69-8DB3-7F89C4FE1E8A}" = CCC Help Hungarian
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B27588E3-A374-CC37-B0C1-3CB424620019}" = CCC Help Turkish
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B8D91D32-0820-4D76-8D95-2EB69392BA08}" = CCC Help Portuguese
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C37139BF-04DB-DF3C-19A4-99A5516C1507}" = CCC Help Chinese Traditional
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{CA17221C-586B-89E0-66CB-DA5C050BFB22}" = Catalyst Control Center Localization All
"{CD650B6A-FE79-40E0-A069-299CF6575E6B}" = XperiaLinkx86
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D8B63B13-8508-596F-8160-ACEA2FA39FA5}" = Catalyst Control Center Graphics Previews Common
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{D96F904B-1145-83E2-09B3-12153541EAF7}" = CCC Help Dutch
"{E5D82C0C-4AD7-5CC5-942C-72B749EFEE0D}" = CCC Help Korean
"{E64E9130-B2DD-3124-07BD-B767D51FDB8A}" = CCC Help Thai
"{E8597443-184D-4531-EEAE-211698F90205}" = CCC Help Danish
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EF0ACDFD-39CB-396F-1F23-EC861885DA29}" = CCC Help Polish
"{EFFEE375-EC29-15A3-5DB0-41658D9BB10C}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D2A254-F2AE-EDE4-3CD2-AD8BDCC0B255}" = CCC Help Swedish
"{F7F163E1-4BF4-E56B-E400-B97D362E17CC}" = Catalyst Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FC520B48-BFFC-A91F-64D5-213EFD759783}" = CCC Help Greek
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Google Chrome" = Google Chrome
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Intel AppUp(SM) center 38645" = Intel AppUp(SM) center
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROPLUS" = Microsoft Office Professional Plus 2007
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WTA-29194baf-f808-40ae-85e9-d2a0b0a671ce" = Heroes of Hellas 3: Athens
"WTA-3d6d0e0d-e6f5-4a20-bd8f-ff96237cd21d" = Aloha TriPeaks
"WTA-4305f2ba-da0c-4af1-9a51-5120603176a0" = Bejeweled 3
"WTA-4b7ff52f-35ca-4171-afeb-b3693a5fe53a" = Build-a-lot: On Vacation
"WTA-4d5621fd-3efc-4e71-87f6-146b24886ccb" = Plants vs. Zombies - Game of the Year
"WTA-5ae0529a-0a0a-4ff6-a9c1-6829d451afbb" = Chronicles of Albian
"WTA-745daa78-3d4d-4fd9-9341-89ad31f7f4f8" = FATE
"WTA-7dca1ce8-30cc-4ea0-91ac-0006f5790c23" = Chuzzle Deluxe
"WTA-8b05834c-d76c-4616-aae4-6ee815dd71b1" = Mystery P.I. - The London Caper
"WTA-a15f03f9-59d7-4b8e-a452-a30a6a21eac5" = Agatha Christie - Death on the Nile
"WTA-ad029ab8-73a6-4eaf-91b3-57cab26d54ce" = Cradle Of Egypt Collector's Edition
"WTA-bb11e983-9950-4822-8b16-0d06caf9721f" = Mystery of Mortlake Mansion
"WTA-cd7e4db8-39e4-486a-be09-9802da3e4436" = Luxor HD
"WTA-e142876c-4f8e-4ade-a250-8a3d89d0b950" = Mahjongg Artifacts
"WTA-f4bbbd58-2f45-4805-a267-d87e17c613b8" = Polar Bowler
"WTA-f96b33fa-0683-47e2-9476-9d6767b357c4" = Virtual Villagers 4 - The Tree of Life
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 10.05.2013 12:05:00 | Computer Name = Marco | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Content Filter" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 10.05.2013 12:10:44 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
Error - 10.05.2013 15:09:12 | Computer Name = Marco | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         

10.05.2013, 20:48   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run a full scan with Malwarebytes - and please remember to update Malwarebytes via the update button beforehand.

Getting an additional opinion afterwards from the ESET online scanner doesn't hurt either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstalling: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)
