
Log analysis and evaluation: Windows 8 x64: OTL analysis after GVU trojan and System Restore

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

30.08.2013, 18:06   #1
philiomanie
 

Windows 8 x64: OTL analysis after GVU trojan and System Restore



Good evening.

Today I caught a GVU trojan on my system. Via a restart I performed a System Restore to a point one week ago.
Everything appears to be fine; to be on the safe side I ran an OTL scan and would appreciate an analysis of it.

Thank you for your time

Code:
OTL logfile created on: 30.08.2013 18:39:55 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Philipp\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,91 Gb Total Physical Memory | 3,83 Gb Available Physical Memory | 64,76% Memory free
11,91 Gb Paging File | 9,74 Gb Available in Paging File | 81,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 208,17 Gb Total Space | 92,32 Gb Free Space | 44,35% Space Free | Partition Type: NTFS
Drive F: | 1,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive S: | 68,36 Gb Total Space | 31,25 Gb Free Space | 45,71% Space Free | Partition Type: NTFS
 
Computer Name: PHILIPP-VAIO | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Philipp\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
PRC - C:\Programme\Tablet\Pen\WacomHost.exe (Wacom Technology)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe ()
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
MOD - C:\Programme\Sony\VAIO Care\listener.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe ()
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (OfficeSvc) -- C:\Programme\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV - (NetworkSupport) -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe (Sony Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (WTabletServiceCon) -- C:\Programme\Tablet\Pen\WTabletServiceCon.exe (Wacom Technology, Corp.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (uCamMonitor) -- c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (BthA2DP) -- C:\Windows\SysNative\Drivers\BthA2DP.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\Drivers\wachidrouter.sys (Wacom Technology)
DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\Drivers\hidkmdf.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\Drivers\wacomrouterfilter.sys (Wacom Technology)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_VDP) -- C:\Windows\SysNative\Drivers\btath_vdp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (rimssne) -- C:\Windows\SysNative\Drivers\rimssne64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\Drivers\rimssne64.sys (REDC)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\Drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (risdsnxc) -- C:\Windows\SysNative\Drivers\risdsnxc64.sys (REDC)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\Drivers\risdsnxc64.sys (REDC)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\Drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\Drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\Drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\Drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (VSPerfDrv110) -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://bing.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Philipp\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
 
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64" File not found
O4 - Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DE782CD-7C8A-49B1-8A69-9E553ABF49A3}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF7F6495-8D57-4F3C-BAC6-2C1822E7F584}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.07.27 00:54:56 | 000,000,058 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0cb7c45e-c86b-11e2-be69-642737b0fea6}\Shell - "" = AutoRun
O33 - MountPoints2\{0cb7c45e-c86b-11e2-be69-642737b0fea6}\Shell\AutoRun\command - "" = F:\vs_ultimate.exe -- [2012.07.27 19:05:01 | 000,995,000 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{50d08395-c85e-11e2-be66-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{50d08395-c85e-11e2-be66-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\FSetup.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.08.30 18:36:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2013.08.22 20:28:12 | 000,000,000 | -H-D | C] -- C:\SkyDriveTemp
[2013.08.16 16:42:02 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\PC Remote
[2013.08.16 16:41:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
[2013.08.16 16:41:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Remote
[2013.08.16 15:44:15 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Unity
[2013.08.16 14:52:38 | 000,069,120 | R--- | C] (AVM Berlin) -- C:\WINDOWS\SysWow64\avmadd32.dll
[2013.08.16 14:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
[2013.08.16 14:52:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FRITZ!Box
[2013.08.16 13:45:05 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Macromedia
[2013.08.16 13:41:41 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Mozilla
[2013.08.16 13:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.08.16 13:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.08.14 19:41:58 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2013.08.14 19:41:29 | 000,247,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2013.08.14 19:41:29 | 000,036,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2013.08.14 19:41:25 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2013.08.14 19:41:25 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.08.14 19:41:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2013.08.14 19:41:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.08.14 19:41:24 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2013.08.14 19:41:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2013.08.14 19:41:23 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013.08.14 19:41:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2013.08.14 19:41:21 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013.08.14 19:41:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2013.08.14 19:41:20 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2013.08.14 19:41:17 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2013.08.14 19:41:03 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013.08.14 19:41:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2013.08.14 19:40:32 | 001,889,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013.08.14 19:40:31 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2013.08.14 19:40:30 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2013.08.14 19:40:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2013.08.14 19:40:30 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2013.08.14 19:40:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.08.30 18:36:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2013.08.30 17:58:06 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.08.30 17:50:08 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.08.30 17:47:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.08.30 17:47:45 | 466,980,863 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.30 16:48:59 | 000,163,057 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\2433f433
[2013.08.30 16:48:59 | 000,163,040 | ---- | M] () -- C:\Users\Philipp\AppData\Local\2433f433
[2013.08.30 16:48:59 | 000,163,037 | ---- | M] () -- C:\ProgramData\2433f433
[2013.08.29 12:43:58 | 000,205,978 | ---- | M] () -- C:\Users\Philipp\Desktop\philipp abzweigung.pdf
[2013.08.29 12:20:34 | 000,236,986 | ---- | M] () -- C:\Users\Philipp\Desktop\Fallschilderung Kindergeld.pdf
[2013.08.28 13:20:07 | 000,398,617 | ---- | M] () -- C:\Users\Philipp\Desktop\V-Kg11e-Antrag-anteilige-Auszahlung.pdf
[2013.08.27 10:11:25 | 000,361,038 | ---- | M] () -- C:\Users\Philipp\Desktop\Antrag Weiterzahlung Rente 09 070147 R 003.pdf
[2013.08.26 09:23:05 | 000,360,331 | ---- | M] () -- C:\Users\Philipp\Desktop\MB-f-Arbeitslose.pdf
[2013.08.24 11:15:53 | 000,881,136 | ---- | M] () -- C:\Users\Philipp\Desktop\bachelorarbeit_vorläufig.pdf
[2013.08.24 11:11:46 | 000,001,142 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
[2013.08.21 20:37:28 | 002,035,840 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.08.21 20:37:28 | 000,866,656 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.08.21 20:37:28 | 000,804,716 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.08.21 20:37:28 | 000,198,116 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.08.21 20:37:28 | 000,166,472 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.08.14 19:42:56 | 000,002,037 | ---- | M] () -- C:\Users\Philipp\Desktop\SkyDrive - Verknüpfung.lnk
[2013.08.12 00:00:45 | 000,000,162 | -H-- | M] () -- C:\Users\Philipp\Desktop\~$ Forlage 1.dotx
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.08.30 16:48:59 | 000,163,057 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\2433f433
[2013.08.30 16:48:59 | 000,163,040 | ---- | C] () -- C:\Users\Philipp\AppData\Local\2433f433
[2013.08.30 16:48:59 | 000,163,037 | ---- | C] () -- C:\ProgramData\2433f433
[2013.08.29 12:43:58 | 000,205,978 | ---- | C] () -- C:\Users\Philipp\Desktop\philipp abzweigung.pdf
[2013.08.29 11:49:01 | 000,236,986 | ---- | C] () -- C:\Users\Philipp\Desktop\Fallschilderung Kindergeld.pdf
[2013.08.28 13:20:07 | 000,398,617 | ---- | C] () -- C:\Users\Philipp\Desktop\V-Kg11e-Antrag-anteilige-Auszahlung.pdf
[2013.08.27 10:11:24 | 000,361,038 | ---- | C] () -- C:\Users\Philipp\Desktop\Antrag Weiterzahlung Rente 09 070147 R 003.pdf
[2013.08.26 09:23:04 | 000,360,331 | ---- | C] () -- C:\Users\Philipp\Desktop\MB-f-Arbeitslose.pdf
[2013.08.23 19:16:52 | 1943,209,564 | ---- | C] () -- C:\Users\Philipp\Desktop\Der Club der toten Dichter.720p.AC3.mkv
[2013.08.23 18:18:06 | 000,881,136 | ---- | C] () -- C:\Users\Philipp\Desktop\bachelorarbeit_vorläufig.pdf
[2013.08.21 20:32:09 | 321,371,496 | ---- | C] () -- C:\Users\Philipp\Desktop\Argo.720p.AC3.mkv
[2013.08.16 13:44:01 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.08.12 00:00:45 | 000,000,162 | -H-- | C] () -- C:\Users\Philipp\Desktop\~$ Forlage 1.dotx
[2013.05.31 14:32:11 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013.05.29 15:59:59 | 000,074,703 | ---- | C] () -- C:\WINDOWS\SysWow64\mfc45.dll
[2013.05.29 14:55:53 | 002,061,864 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013.05.29 12:17:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.05.29 12:14:10 | 000,003,929 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblup.dat
[2012.12.14 02:42:30 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2012.12.14 02:42:28 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.05.29 18:01:21 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\DAEMON Tools Lite
[2013.07.30 13:37:13 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Dropbox
[2013.05.29 17:49:21 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\e-academy Inc
[2013.06.26 11:52:27 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\iolo
[2013.08.16 16:42:02 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\PC Remote
[2013.05.29 16:25:19 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Sony
[2013.05.29 17:35:55 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Subversion
[2013.05.29 18:22:28 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\Wacom
[2013.05.29 18:22:40 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
 
========== Purity Check ==========
 
 

< End of report >
         


Code:
OTL Extras logfile created on: 30.08.2013 18:39:55 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Philipp\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,91 Gb Total Physical Memory | 3,83 Gb Available Physical Memory | 64,76% Memory free
11,91 Gb Paging File | 9,74 Gb Available in Paging File | 81,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 208,17 Gb Total Space | 92,32 Gb Free Space | 44,35% Space Free | Partition Type: NTFS
Drive F: | 1,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive S: | 68,36 Gb Total Space | 31,25 Gb Free Space | 45,71% Space Free | Partition Type: NTFS
 
Computer Name: PHILIPP-VAIO | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A47C395-1429-4F91-9D91-E9BF2B2278E6}" = lport=6918 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{0AE03CDC-EC0B-48A8-914D-BD27F077C543}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{0F4C9DA9-FE8B-4E94-B97C-A595A31B3FF5}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{22022CEE-55FE-4BDC-A3D6-1825D4CA8E76}" = rport=9012 | protocol=17 | dir=out | name=brassmonkeyudpaus | 
"{295A0E21-95DA-4678-8869-CDBD3DFA7E65}" = lport=6920 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{2D796209-F0B5-4C0E-BFF6-1CD92177262B}" = lport=6916 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{42BB5F14-4CCA-47AE-A3F9-609792EEDF89}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{430558A7-44BB-4DD9-B1A7-703992A1631D}" = lport=9012 | protocol=17 | dir=in | name=brassmonkey udp | 
"{4F65E4D4-4EEB-4601-B200-CB005CF6096E}" = lport=6919 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{54C8AE7F-2C55-4B36-99AA-BC9BB5A66D2C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | 
"{55933B94-4171-46D5-8CD3-E8844A0EDE43}" = lport=6917 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{58FF82E2-C4BB-4FA6-A6C9-9EA50157E5F5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6466705D-6BDA-4500-9EA6-16A5277FBD43}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6525104F-4473-4634-B8C6-A70C613C9FD2}" = lport=9010 | protocol=6 | dir=in | name=brass monkey tcp | 
"{6AFCCD76-058A-46DB-A676-78C3D51DA159}" = lport=6918 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{70C3D5F2-A864-4F73-95FE-FBEBD925640C}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{74C33463-57F1-4249-B316-FDA82B18334F}" = lport=6916 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{79132A13-90C2-41AB-AC77-68B889C4D18D}" = lport=6915 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{7B86FD28-0A6E-47B2-9DA6-60C0FCEBEA07}" = lport=6917 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{941919D0-3951-4CAD-912C-30AD68BE3795}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AE9512BA-407C-4E99-A1E7-6B3CE0D4DAA8}" = lport=6919 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{C97E76D1-7FCA-4EB0-BBFE-2CDCCDA960CD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CAB07C65-AF00-4353-B200-4D84451D1375}" = lport=6920 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{D2E00E30-C6F8-40B4-80EF-09EC0BBB0A22}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D8DF75AB-007F-4CA9-BC5D-8DB421C6EC72}" = lport=6915 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe | 
"{E56BC613-2C2A-4625-AFA8-240D10146151}" = rport=9010 | protocol=6 | dir=out | name=brassmonkey tcp aus | 
"{E885A081-D861-409F-A923-61ADC229B50B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F177B79A-4C87-438E-8551-ED4C991097F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FA2DCEC7-F114-484B-8864-3DAAB176E407}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{067FEB95-7A99-4240-867D-7DA472DEBE11}" = dir=out | name=multimedia 8 | 
"{0DD21DA7-8FF3-431B-B0AE-FF669129FF88}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0F885A4E-EFFE-43C8-9EBB-DC8174C6DB83}" = protocol=6 | dir=in | app=d:\fsetup.exe | 
"{1A8FD3E2-A770-4A7F-8CD3-1DE3A1AEAB0B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1B921D17-4064-47E8-AB78-D1FD48DDE22E}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{21A4615A-2BB8-49DC-A570-2DB4DD5828C7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{21B795B0-660C-4040-A1B5-C2F250D1D6F0}" = dir=in | app=c:\users\philipp\appdata\local\microsoft\skydrive\skydrive.exe | 
"{24831B82-13B8-41D5-8F18-5A59FE67421D}" = dir=in | name=multimedia 8 | 
"{27F974A3-772B-4B2C-BA92-9E31DEF5CA65}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{2951624C-0474-4F39-9A4F-625A2A971793}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"{29CE447C-8B34-4A7D-8E47-01ADD758E564}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{58ACE59C-055B-46C9-A740-BFF60BEFFE00}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{58DDECDE-6E5F-430B-95FC-D0F1FC2579A0}" = protocol=17 | dir=in | app=d:\fsetup.exe | 
"{5A9CB284-1822-44E0-A42B-FAF654852CAD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5B128C3F-D738-46B3-A3D4-5E12A66D99FC}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{66EC3EF3-4675-4E32-BBC3-44C21557971F}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{70F7C920-9E9B-4E0A-BFC3-5719AE0EF6A2}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{7F68C668-8288-42CE-8EE9-0DEC25DA6E2F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{87DD2C25-3C5A-4EC6-ABBD-F511C5958108}" = protocol=6 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe | 
"{98126036-7188-4C1F-8378-F7AA510BF303}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{9E8A1D3C-C11C-4C38-9A67-438E085A7DC0}" = dir=out | name=@{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} | 
"{9FBAB6A7-D51C-486F-A9A0-AFD927965BFF}" = protocol=17 | dir=in | app=c:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe | 
"{A19FF253-67EE-4BF3-981E-97328912A135}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{AA38E820-1B3D-42DD-88F3-D99EAA5CAA35}" = dir=in | name=windows phone | 
"{AF8BF25A-8DFA-4F09-8F28-E6B5800ABB74}" = dir=out | name=windows_ie_ac_001 | 
"{B07E2D2E-AC45-4521-A113-136D0D6B0618}" = dir=out | name=windows phone | 
"{B0C6E549-3517-4B2C-BB16-D6E392781869}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BA00BEA0-4323-4C3D-8A32-DC0711CF5BF4}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{C2B7E38E-3DA4-4534-909C-C9C6468F4FCA}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"{C2E53C2E-19E2-4A1D-8F67-17599CBA72BA}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{C336AB4D-2AB1-4400-A40A-4087109F02AC}" = protocol=17 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe | 
"{C48E5EDB-D64E-465D-8BA2-B2B14743778E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D22443A8-9B5C-4109-8C2A-0905E903E205}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{DD5E9C07-2EC1-4A99-AA58-837A492A49E8}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{E759B201-2851-4D2D-AB7E-1F6178369B30}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{E7A3E013-4F23-4EDE-AC8D-E7E75738E62E}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{F0A2AEFD-43CC-467F-8EB4-EE83FA246A8D}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{F29132CF-EFF9-4B6B-8A4C-E8A46EBE1CEE}" = dir=in | name=@{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} | 
"{F5519C65-C0C1-4CD5-81DA-A998AA898319}" = protocol=6 | dir=out | app=system | 
"{F7D1E52D-C375-4377-8E3B-29BDE5372E57}" = protocol=6 | dir=in | app=c:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe | 
"{FE80DE59-5AE0-4F5B-A87F-B795D8596537}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FFD2D144-76AD-475F-84B4-6A7D1D08281C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{6FDEA300-EFDA-4A39-998D-16CB7BF78543}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{A12F8432-7ECA-43FD-962F-110D2C2CD5D1}C:\program files (x86)\pc remote\pc remote\pcremote.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe | 
"TCP Query User{F736A2F0-A390-4FA4-A446-96074320AB6B}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{19E1E223-4BB7-4ACE-9531-BD21C1DEBF47}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{59F6C3E2-69DD-45E8-B5B4-457F12CB36C6}C:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\philipp\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{DF14502B-171E-4064-9863-EF8F58BB0B47}C:\program files (x86)\pc remote\pc remote\pcremote.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pc remote\pc remote\pcremote.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{078B9199-C2A4-4468-BD5F-C060C51EC895}" = Microsoft Visual Studio 2012 IntelliTrace Core amd64
"{0B497B28-5243-3329-9F10-DBB18E0963E6}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106
"{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom 
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{28D85F24-B685-3364-BB7C-284C88C2FFE5}" = Microsoft Visual Studio Team Foundation Server 2012 Storyboarding
"{30C8A133-BD06-35FF-9DCC-DD05E9F7C0B0}" = Visual Studio 2012 Prerequisites - DEU Language Pack
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework 
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}" = Windows App Certification Kit Native Components
"{41208EF0-FA40-3824-B330-5D59B666C720}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}" = Microsoft SQL Server System CLR Types (x64)
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service 
"{572E796D-C52B-3797-A685-2FB6F895D4BE}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61862D7C-CDBC-48D5-8AE1-3B8BD1E23BC5}" = Visual Studio 2012 Prerequisites
"{6472F9D8-9116-3889-A4F7-61544A752CE3}" = Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - DEU
"{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}" = Microsoft-System-CLR-Typen für SQL Server 2012 (x64)
"{73468C65-BC53-4D88-9246-75A5BB014DA2}" = JavaScript Tooling
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}" = Microsoft SQL Server 2012 Native Client 
"{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013
"{90150000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2013
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}" = Microsoft SQL Server Compact 4.0 SP1 x64 DEU 
"{9910B791-30D3-419C-B39E-4974206931A9}" = Microsoft Visual Studio 2012-Leistungserfassungstools - DEU
"{993F6DDC-63F8-4BCD-9B28-D941971A9CAC}" = Windows XP Targeting with C++
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A10EE46B-C2E8-4FAB-A8F8-3E80D0662BA9}" = Adobe Flash Player 11 ActiveX (x64)
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}" = Microsoft Web Deploy 3.0
"{AB299EC1-0E19-4FFF-94D0-5246E00B3894}" = Microsoft Visual Studio 2012 IntelliTraceLoc
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}" = Networkx64
"{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}" = Microsoft SQL Server 2012 Command Line Utilities 
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2DCF07D-0F89-4818-8B41-50DABC1A310D}" = TortoiseSVN 1.7.12.24070 (64 bit)
"{B9E62002-BD74-30EC-9049-93E0E003C736}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{BF3C5FE1-FD86-A14D-8EC2-6488D646515E}" = ATI Catalyst Install Manager
"{C77B266C-A228-3952-981A-3C23D7D614A5}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU
"{C8400C5F-04A8-3B74-B247-B0F2CEA8A907}" = Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727
"{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}" = Microsoft SQL Server 2012 Management Objects (x64)
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{E0F928B4-2BB2-4D7E-B16E-2B202CB58EDE}" = VAIO Care
"{E2B8249D-895C-4685-8C83-00F3B1A13028}" = Microsoft Web Platform Installer 4.0
"{E890076A-6721-4145-B9C4-B4AACFDE6830}" = Microsoft Visual Studio 2012-Leistungserfassungstools
"{EF0D9E83-0978-DE76-42CC-5B85223FECA1}" = ccc-utility64
"{EF18EF0F-96D3-4A6B-9600-2197F1720A15}" = Microsoft SQL Server 2012 Express LocalDB 
"{F1789B23-8BDE-35F8-BEFB-EF41774A7AED}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"0933C60C36ECB091923BCC98480E39AB13190F29" = Windows-Treiberpaket - Ricoh Company SD Host Controller (07/10/2012 6.20.13.42)
"BA5D2E1A954275E5E8BC8070DBDEC5F7F4F558AD" = Windows-Treiberpaket - Ricoh Company MS Host Controller (07/20/2012 6.20.13.30)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"O365HomePremRetail - de-de" = Microsoft Office 365 Home Premium - de-de
"Pen Tablet Driver" = Wacom
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.7
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00EC8ABC-3C5A-40F8-A8CB-E7DCD5ABFA05}" = Microsoft NuGet - Visual Studio 2012
"{02213A81-CB13-7262-5ABE-1FFA2C75559F}" = Windows App Certification Kit x64
"{027D81A3-C4C4-47CD-4C68-94DBCEA166F1}" = CCC Help Greek
"{03E87F9E-F5E4-45F4-91EC-A328295D6C06}" = Windows Azure Tools für LightSwitch HTML Client für Visual Studio 2012 (DEU)
"{046806D1-0A38-3FCA-AF84-F71C50A0C363}" = Microsoft Visual Studio Premium 2012
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" = 
"{0540C984-C486-457C-ADEB-57CFF0DD3F9A}" = PC Remote
"{07AC2D83-E795-4AD5-970D-B9BD14A1E411}" = Microsoft ASP.NET MVC 3 - DEU
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{093C9565-E907-4ED8-8201-4C1DD25D34DF}" = Devenv-Ressourcen für Microsoft Visual Studio 2012
"{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}" = Microsoft Visual Studio Ultimate 2012
"{0BCC836F-0B28-4090-B58A-64883BAA3B2F}" = WCF Data Services 5.0 (for OData v3) Primary Components
"{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}" = Blend for Visual Studio SDK for Silverlight 5
"{0EEB6DAC-32D5-4D1A-B795-7023D6AB9F13}" = Blend for Visual Studio 2012 DEU resources
"{1228E4A3-8371-4F9B-BA6F-3D34113811B9}" = Visual Studio Extensions for Windows Library for JavaScript
"{13BD574A-7F41-420A-B486-7A2D4CEB7F3B}" =  Tools for .Net 3.5 - DEU Lang Pack
"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
"{148878BD-A2A5-4CF1-A103-2BA632F41953}" = WCF Data Services Tools for Microsoft Visual Studio 2012
"{15CDC9CF-D347-1F6D-2EDB-D0F41B136758}" = PX Profile Update
"{1690CE56-2231-4E59-9006-A0876D949EA8}" =  Tools for .Net 3.5
"{18D606E9-9650-48DF-8D6E-5AC61C5AD1A9}" = Microsoft Visual Studio 2012 IntelliTrace Front End x86
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1AD308F4-8A23-435E-A231-D9CF142561EA}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - DEU
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1DB43E5A-2F24-4F51-92B0-A2C0EBF5C742}" = Microsoft Report Viewer Add-On for Visual Studio 2012
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{28C7A4BB-3966-4373-8376-C11F38290630}" = Microsoft SQL Server 2012 T-SQL Language Service 
"{29675C9D-025B-43F2-BFEB-D5FADE06770F}" = Microsoft Visual Studio 2012-Vorbereitung
"{2B231D3B-39B5-301A-9891-0847433885BC}" = Microsoft Visual Studio 2012 SharePoint Developer Tools DEU Language Pack
"{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}" = PreEmptive Analytics Visual Studio Components
"{2CB523DF-A3C2-4A7C-8848-53898F6D6F87}" = PreEmptive Analytics Client German Language Pack
"{2F6CE32A-018D-4656-895B-9E5E20D7740A}" = Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
"{2F8F489A-0476-3129-857B-A553F38B192D}" = Microsoft Visual C++ 2012 Core Libraries
"{30C27CAE-9266-3B47-837D-193C16EDB811}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106
"{3146D75D-ABF3-404F-41AC-D3F71C8F57F0}" = CCC Help Czech
"{3226C9CF-31C7-4FF4-8F41-D5A65795EE80}" = Microsoft ASP.NET MVC 4 Runtime - DEU
"{3267B2E9-9DF5-4251-87C8-33412234C77F}" = VAIO Data Restore Tool
"{32AA0D69-0E45-4331-A435-74716E4EA0AC}" = Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - DEU
"{330E5D98-20D2-4CA4-AE51-FCB8AA80F634}" = Microsoft Visual Studio 2012 Devenv
"{372D17F6-A54E-4A01-B264-1314890FFE61}" = Dotfuscator and Analytics Community Edition
"{37E53780-3944-4A6A-842F-727128E8616E}" = Blend for Visual Studio SDK for .NET 4.5
"{3A523AF9-D32F-4C85-8388-0335731F3405}" = WCF RIA Services V1.0 SP2
"{3B774804-C751-4337-ACCB-2E4E91D40D5B}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - DEU
"{3B86F6DB-BF2A-4636-8B1D-94475BD4A6E8}" = Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 - deu
"{3E24A4D9-7CA0-378E-A9EB-74A20A496F6E}" = Microsoft LightSwitch für Visual Studio 2012 CoreRes - DEU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40D0BF3D-51B3-B375-03B8-3E6077F07500}" = Catalyst Control Center Localization All
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{451526FA-52D1-41F2-B7E2-96343EC95853}" = Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012
"{47AA145C-1698-4C76-A15B-23730399A423}" = Entity Framework Designer für Visual Studio 2012 - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA6294E-4EF6-F97E-BB64-6B01509F19B7}" = CCC Help French
"{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}" = Microsoft-System-CLR-Typen für SQL Server 2012
"{520EA81D-67E8-7685-8827-1C6AE94FD29D}" = Catalyst Control Center Profiles Mobile
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{58E440C4-74D4-445C-B9C1-2984D1BC1971}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 Core
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5FF5933C-61A3-4E7C-8029-DC9661DF5DEE}" = Microsoft Visual Studio 2012 IntelliTrace Core x86
"{5FFE0D6C-333E-E5FD-CC11-08B868AA6B6B}" = CCC Help Finnish
"{602835D0-9152-2CD4-036D-195E10882A3B}" = CCC Help Portuguese
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67D857F0-03BA-4865-A578-7950B2D7625C}" = JavaScript Tooling
"{6874282F-37D6-4829-8B6F-D2D4FD818AA5}" = Catalyst Control Center - Branding
"{6A6F1B4D-1BCE-3703-93D8-4494FB7F1280}" = Microsoft Portable Library Multi-Targeting Pack
"{6B5FEDC9-AC82-4F3F-AA55-F21881802F56}" = WCF Data Services 5.0 (for OData v3) DEU Language Pack
"{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}" = Microsoft SQL Server 2012 Management Objects
"{6C1924D1-C8FA-6FC6-B336-6525B8CC1FB9}" = Catalyst Control Center InstallProxy
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6DE48102-1599-485D-AC18-EA16223440A0}" = Microsoft Visual C++ 2012 Compilers - DEU Resources
"{6F066545-40A2-4C38-A8F7-78581CC5C442}" = Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70D065C3-77E5-45E9-A75C-EEB2E84EA869}" = Erforderliche Komponenten für SSDT 
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7437A4B9-314F-3B8F-827B-22909146E471}" = Microsoft LightSwitch for Visual Studio 2012 Core
"{7501466B-08D4-8BA7-923B-07081D2502B8}" = CCC Help Thai
"{79010D2C-F736-DC24-7C81-6D05E4BC1615}" = CCC Help Norwegian
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Atheros WiFi Driver Installation
"{80054F6B-11DA-40F6-8306-F9AB2F9074EB}" = Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{808118B1-60D6-4DCF-8077-73A4D3D8BB54}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{834B6E00-F509-40F2-A677-E86261184576}" = Blend for Visual Studio Add-in for Adobe FXG Import
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{858B32BD-121C-4AC8-BD87-CE37C51C03E2}" = TrackID(TM) with BRAVIA
"{86756584-C41A-4CA3-B42D-4768C7720F56}" = Microsoft Web Deploy dbSqlPackage Provider - DEU
"{8762B098-374D-4900-B68E-34BF2840E694}" = Microsoft Web Developer Tools 2012.2 - Visual Studio 2012
"{8A3F4A11-5617-CDB8-2881-D9259C4FF0AC}" = CCC Help Swedish
"{8A870B3A-F417-A62F-3E66-A7BB834D73D9}" = CCC Help English
"{8BAB88C4-5024-3236-84B5-115054CD32B3}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU
"{8BF20A72-0286-4E87-B071-E33D4B43DA97}" = Microsoft Report Viewer Add-On für Visual Studio 2012
"{8E298C44-5129-9C0D-45C5-0D45C76683E7}" = CCC Help Korean
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}" = Microsoft Silverlight 4 SDK - Deutsch
"{8EA8B699-999D-3D4F-F27D-E0A42812999D}" = CCC Help Turkish
"{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{90150000-00A1-0407-0000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00E1-0407-0000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90849941-4C23-3054-B575-3833700DF788}" = Microsoft Help Viewer 2.0 Language Pack - DEU
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{91150000-00A1-0000-0000-0000000FF1CE}" = Microsoft OneNote 2013
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{93489CA8-6656-33A0-A5AC-E0EDEDB17C3E}" = Microsoft Visual Studio Professional 2012
"{938526B1-772C-45E3-813A-2E15048DE74E}" = Dotfuscator and Analytics Community Edition Language Pack
"{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}" = Microsoft ASP.NET Web Pages - DEU
"{942CC691-5B98-42A3-8BC5-A246BA69D983}" = Microsoft ASP.NET MVC 4 Runtime
"{958B4A34-B318-64E9-8F84-7C9C5C603143}" = CCC Help Japanese
"{96F50F87-0F15-4F93-9FE6-387DD9CFB077}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU
"{985212B0-C225-3F12-E2B3-120E135F02BE}" = CCC Help Spanish
"{98B45D1C-6EB1-460D-A87D-2B60678DC105}" = Microsoft .NET Framework 4.5 SDK - DEU Lang Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF1DDB6-20E6-4C6A-865F-BEFC6E2350E7}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - DEU
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CE13D8B-6288-4A2C-99D2-414D77B9A830}" = WCF Data Services Tools for Visual Studio 11 DEU Language Pack
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FFD310D-FF84-45B1-7890-5408F68D5CCC}" = CCC Help Italian
"{A3A6D5EA-B6B5-3C05-BDA8-EAB99C09CDDC}" = Microsoft Visual Studio 2012 SharePoint Developer Tools
"{A3C76DBA-0552-2B25-460C-443500703A91}" = Catalyst Control Center Graphics Previews Common
"{A453EF2D-13C0-3BB8-833F-C0CF45F604C1}" = Microsoft Visual C++ 2012 Extended Libraries
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{AA57D6F1-6360-4397-B2D9-B21C69863D97}" = Secure Download Manager
"{AAC80D3B-9F42-4E52-8357-7CB4A3EC7B80}" = Microsoft ASP.NET Web Pages 2 Runtime - DEU
"{AB639FD7-CC4E-E5BB-8951-D852ABB56D8E}" = LocalESPCui for de-de
"{AC441CFF-B70C-4638-8112-570DCA7078B9}" = Microsoft Visual Studio 2012 IntelliTraceFrontEndLoc
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{AE5F3379-8B81-457E-8E09-7E61D941AFA4}" = VAIO Gate
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}" = ArcSoft Magic-i Visual Effects 2
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B2575E95-5BA5-238F-8A6B-FB52BAC1CA04}" = CCC Help Chinese Standard
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B33EA6ED-6F46-3BE1-98D2-F43D2A82EE39}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B40E950B-300A-41B5-A6C1-2FEBEEA1BEEA}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU
"{B585A11C-4F6E-3532-97D4-3670FE94600D}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{B77DE05C-7C84-4011-B93F-A29D0D2840F4}" = ArcSoft WebCam Companion 4
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B9CBED84-5041-0817-4C72-C38D473C344B}" = CCC Help Chinese Traditional
"{BB4DF1E8-5734-28CD-6DD1-B5CED1CCFAB9}" = CCC Help Polish
"{BD87E147-2948-4E49-9FD9-890A4AE4300A}" = Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen
"{BDBE5D2A-AAB7-77BD-7A0E-5006665CE7C6}" = LocalESPC
"{BE4F3A79-8954-499C-AEF9-E8A3BC235677}" = JavaScript Tooling
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C1D6380E-514A-4984-A8FB-1E4F438AEFB0}" = Microsoft Visual Studio 2012 IntelliTraceLoc
"{C8646AD5-4396-D48C-BF6D-5D0B992EEBAC}" = CCC Help Danish
"{C9B93384-B53D-1BBC-2A5B-F83D86DACE13}" = CCC Help Hungarian
"{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}" = Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00)
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D38DA998-7DAC-1915-88F1-233AF88E5F08}" = CCC Help Dutch
"{D3F1C46B-4DAD-439D-B940-E8144DD9B69A}" = Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - DEU
"{D434E072-F482-4F52-AB97-7B19DD5DAEB5}" = Microsoft SQL Server System CLR Types
"{D56DA747-5FDB-4AD5-9A6A-3481C0ED44BD}" = Remote Play with PlayStation(R)3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB1A3EA7-0C25-4BEC-A108-176195190369}" = VHD
"{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}" = Microsoft ASP.NET MVC 3
"{DDC1078D-00E9-CB9D-EA5B-EE695A38D346}" = Windows Runtime Intellisense Content - de-de
"{E24C5491-1E65-4AF6-9FCE-D94F7F966C7D}" = Microsoft Visual C++ 2012 32bit Compilers - DEU Resources
"{E52C5468-A8E7-4DE5-8F99-057FF2C9BFE8}" = Microsoft Visual C++ 2012 Compilers
"{E6757A5B-EE7E-4D72-82B7-D1B2991DF55E}" = PYV_x86
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{EA33215B-1391-314B-8752-C4C448304AC5}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - deu
"{EA63C5C1-EBBC-477C-9CC7-41454DDFAFF2}" = Microsoft ASP.NET Web Pages 2 Runtime
"{ECB0B61B-5F85-3343-AF48-958B74376A94}" = Microsoft Visual Studio Ultimate 2012 - DEU
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EF5F58CF-767E-69AB-1B9A-A846EAFADFDD}" = CCC Help Russian
"{EFA87714-E75A-3BFC-A698-A3AABA5A8A0C}" = Microsoft Visual Studio Ultimate 2012
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}" = Microsoft Silverlight 5 SDK - DEU
"{F361FE04-789E-42F3-BBAB-E7B380AA5E06}" = Windows XP Targeting with C++
"{F4FD5690-F64D-34C9-B728-B641DFDFEAE3}" = Microsoft Visual Studio Premium 2012 - DEU
"{F56A0341-F545-3EFB-A7B4-25CD67D04022}" = Microsoft Visual Studio Professional 2012 - DEU
"{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}" = Microsoft SQL Server Data Tools - DEU (11.1.20627.00)
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB788CBC-A069-55BC-EF8D-FE9F4AA06FFF}" = CCC Help German
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework 
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FDC98E0C-DE7C-6AFA-86D7-4DB8F22B6E4C}" = Catalyst Control Center
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF}" = Microsoft Visual C++ 2012 Core Libraries
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVMFBox" = AVM FRITZ!Box Dokumentation
"Bamboo Dock" = Bamboo Dock
"DAEMON Tools Lite" = DAEMON Tools Lite
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Help Viewer 2.0 Language Pack - DEU" = Microsoft Help Viewer 2.0 Language Pack - DEU
"Office15.ONENOTER" = Microsoft OneNote 2013
"splashtop" = Quick Web Access
"VAIO Help and Support" = 
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.08.2013 07:31:41 | Computer Name = Philipp-VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Die App „DefaultBrowser_NOPUBLISHERID!Microsoft.InternetExplorer.Default“
 wurde nicht innerhalb der vorgesehenen Zeit gestartet.
 
Error - 07.08.2013 07:36:10 | Computer Name = Philipp-VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Die App „DefaultBrowser_NOPUBLISHERID!Microsoft.InternetExplorer.Default“
 wurde nicht innerhalb der vorgesehenen Zeit gestartet.
 
Error - 07.08.2013 07:43:17 | Computer Name = Philipp-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: TraverseDir : Unable to push subdirectory.  System Error:
Unbekannter
 Fehler  .
 
Error - 07.08.2013 07:43:18 | Computer Name = Philipp-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: TraverseDir : Unable to push subdirectory.  System Error:
Unbekannter
 Fehler  .
 
Error - 07.08.2013 08:07:54 | Computer Name = Philipp-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ONENOTE.EXE, Version: 15.0.4517.1003,
 Zeitstempel: 0x51a6f4e0  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften
 Prozesses: 0x27d8  Startzeit der fehlerhaften Anwendung: 0x01ce9366bea4126d  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Office\Office15\ONENOTE.EXE
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: fce4730d-ff59-11e2-be7e-f0bf97ed89ea
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 09.08.2013 05:41:49 | Computer Name = Philipp-VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Das Paket „Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe“ wurde beendet,
 da das Anhalten zu lange dauerte.
 
Error - 09.08.2013 05:41:55 | Computer Name = Philipp-VAIO | Source = Application Hang | ID = 1002
Description = Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 66d8    Startzeit: 01ce94e49d9c80f2    Endzeit: 4294967295    Anwendungspfad:
 C:\WINDOWS\system32\wwahost.exe    Berichts-ID: ea80516a-00d7-11e3-be7e-f0bf97ed89ea

Vollständiger
 Name des fehlerhaften Pakets: Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe    Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: Microsoft.Bing  
 
Error - 09.08.2013 05:42:13 | Computer Name = Philipp-VAIO | Source = Microsoft-Windows-LocationProvider | ID = 2006
Description = There was an error with the Windows Location Provider database
 
Error - 09.08.2013 05:42:28 | Computer Name = Philipp-VAIO | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Die App „Microsoft.Bing_8wekyb3d8bbwe!Microsoft.Bing“ wurde nicht 
innerhalb der vorgesehenen Zeit gestartet.
 
Error - 11.08.2013 12:48:11 | Computer Name = Philipp-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16628,
 Zeitstempel: 0x51a94434  Name des fehlerhaften Moduls: twinui.dll, Version: 6.2.9200.16604,
 Zeitstempel: 0x5184a60b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000000a43e6
ID
 des fehlerhaften Prozesses: 0x59c4  Startzeit der fehlerhaften Anwendung: 0x01ce96ac63829bee
Pfad
 der fehlerhaften Anwendung: C:\WINDOWS\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\System32\twinui.dll  Berichtskennung: ce7862b8-02a5-11e3-be7e-f0bf97ed89ea
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 11.08.2013 13:39:26 | Computer Name = Philipp-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: explorer.exe, Version: 6.2.9200.16628,
 Zeitstempel: 0x51a94434  Name des fehlerhaften Moduls: twinui.dll, Version: 6.2.9200.16604,
 Zeitstempel: 0x5184a60b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000000a43e6
ID
 des fehlerhaften Prozesses: 0x3d44  Startzeit der fehlerhaften Anwendung: 0x01ce96b292a3eebc
Pfad
 der fehlerhaften Anwendung: C:\WINDOWS\explorer.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\System32\twinui.dll  Berichtskennung: f75090b7-02ac-11e3-be7e-f0bf97ed89ea
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
[ System Events ]
Error - 10.07.2013 17:55:41 | Computer Name = Philipp-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 11.07.2013 05:26:38 | Computer Name = Philipp-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 11.07.2013 10:32:47 | Computer Name = Philipp-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 12.07.2013 08:48:49 | Computer Name = Philipp-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 12.07.2013 08:48:49 | Computer Name = Philipp-VAIO | Source = DCOM | ID = 10010
Description = 
 
Error - 12.07.2013 08:50:55 | Computer Name = Philipp-VAIO | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rimspci" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 12.07.2013 08:50:55 | Computer Name = Philipp-VAIO | Source = Service Control Manager | ID = 7000
Description = Der Dienst "risdsnpe" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 12.07.2013 12:41:50 | Computer Name = Philipp-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 16.07.2013 11:03:32 | Computer Name = Philipp-VAIO | Source = DCOM | ID = 10016
Description = 
 
Error - 17.07.2013 18:00:31 | Computer Name = Philipp-VAIO | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >
         

Alt 30.08.2013, 18:26   #2
schrauber
/// the machine
/// TB-Ausbilder
 


hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click "Untersuchen" (Scan).
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


Alt 30.08.2013, 18:40   #3
philiomanie
 

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by Philipp (administrator) on 30-08-2013 19:36:26
Running from C:\Users\Philipp\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\WINDOWS\system32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-12-26] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-13] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-29] (Synaptics Incorporated)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [SkyDrive] - C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)
HKCU\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64] - C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64" [404992 2012-07-26] (Microsoft Corporation)
MountPoints2: {0cb7c45e-c86b-11e2-be69-642737b0fea6} - "F:\vs_ultimate.exe" 
MountPoints2: {50d08395-c85e-11e2-be66-806e6f6e6963} - "D:\FSetup.exe" 
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-20] (Sony Corporation)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bing.de/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-13] (Qualcomm Atheros Commnucations)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 uCamMonitor; c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-13] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-13] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-08-13] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-29] (DT Soft Ltd)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-07-26] (REDC)
S2 risdsnpe; C:\Windows\system32\DRIVERS\risdsnxc64.sys [104960 2012-07-10] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-07-10] (REDC)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-29] (Synaptics Incorporated)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
U3 idsvc; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-30 19:35 - 2013-08-30 19:35 - 01579080 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2013-08-30 18:49 - 2013-08-30 18:49 - 00098348 _____ C:\Users\Philipp\Desktop\Extras.Txt
2013-08-30 18:48 - 2013-08-30 18:48 - 00088688 _____ C:\Users\Philipp\Desktop\OTL.Txt
2013-08-30 18:36 - 2013-08-30 18:36 - 00602112 _____ (OldTimer Tools) C:\Users\Philipp\Desktop\OTL.exe
2013-08-30 16:48 - 2013-08-30 16:48 - 00163057 _____ C:\Users\Philipp\AppData\Roaming\2433f433
2013-08-30 16:48 - 2013-08-30 16:48 - 00163040 _____ C:\Users\Philipp\AppData\Local\2433f433
2013-08-30 16:48 - 2013-08-30 16:48 - 00163037 _____ C:\ProgramData\2433f433
2013-08-23 19:16 - 2012-01-12 10:27 - 1943209565 _____ C:\Users\Philipp\Desktop\Der Club der toten Dichter.720p.AC3.mkv
2013-08-21 20:32 - 2013-02-25 22:46 - 321371497 _____ C:\Users\Philipp\Desktop\Argo.720p.AC3.mkv
2013-08-16 16:42 - 2013-08-16 16:42 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Program Files (x86)\PC Remote
2013-08-16 15:44 - 2013-08-16 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Unity
2013-08-16 14:52 - 2013-08-16 14:52 - 00003029 _____ C:\WINDOWS\avmadd32.log
2013-08-16 14:52 - 2013-08-16 14:52 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-08-16 14:52 - 2006-12-14 13:42 - 00069120 ____R (AVM Berlin) C:\WINDOWS\SysWOW64\avmadd32.dll
2013-08-16 13:45 - 2013-08-16 13:45 - 00000000 ____D C:\Users\Philipp\AppData\Local\Macromedia
2013-08-16 13:44 - 2013-08-30 18:58 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-16 13:44 - 2013-08-16 13:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-08-16 13:41 - 2013-08-16 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-14 19:41 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-08-14 19:41 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-08-14 19:41 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-08-14 19:41 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-08-14 19:41 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-08-14 19:41 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-08-14 19:41 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-08-14 19:41 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-08-14 19:41 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-08-14 19:41 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-08-14 19:41 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-08-14 19:41 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2013-08-14 19:41 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2013-08-14 19:41 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2013-08-14 19:41 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2013-08-14 19:40 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-08-14 19:40 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-08-14 19:40 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-08-14 19:40 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-08-14 19:40 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2013-08-14 19:40 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2013-08-14 19:40 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2013-08-14 19:40 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2013-08-12 00:00 - 2013-08-12 00:00 - 00000162 ____H C:\Users\Philipp\Desktop\~$ Forlage 1.dotx

==================== One Month Modified Files and Folders =======

2013-08-30 19:35 - 2013-08-30 19:35 - 01579080 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2013-08-30 19:29 - 2013-06-04 14:42 - 00005158 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for PHILIPP-VAIO-Philipp Philipp-VAIO
2013-08-30 19:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-08-30 18:59 - 2013-05-29 15:19 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2064051930-2490225573-4070465005-1001
2013-08-30 18:58 - 2013-08-16 13:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-30 18:49 - 2013-08-30 18:49 - 00098348 _____ C:\Users\Philipp\Desktop\Extras.Txt
2013-08-30 18:48 - 2013-08-30 18:48 - 00088688 _____ C:\Users\Philipp\Desktop\OTL.Txt
2013-08-30 18:47 - 2013-05-29 15:07 - 01863331 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-30 18:46 - 2013-06-28 14:54 - 00000000 ____D C:\Users\DefaultAppPool
2013-08-30 18:46 - 2013-05-29 13:28 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-30 18:46 - 2012-07-26 10:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-30 18:44 - 2013-05-29 18:02 - 00000000 ____D C:\Users\Philipp\AppData\Local\Microsoft Help
2013-08-30 18:38 - 2013-05-29 15:10 - 00000000 ____D C:\Users\Philipp\AppData\Local\Packages
2013-08-30 18:38 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\registration
2013-08-30 18:36 - 2013-08-30 18:36 - 00602112 _____ (OldTimer Tools) C:\Users\Philipp\Desktop\OTL.exe
2013-08-30 18:36 - 2013-05-29 18:01 - 00000000 __RHD C:\MSOCache
2013-08-30 18:35 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-08-30 18:30 - 2013-05-29 15:08 - 00000000 __SHD C:\Recovery
2013-08-30 17:49 - 2013-05-29 14:56 - 00000000 ____D C:\Users\Philipp
2013-08-30 17:48 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-30 17:48 - 2012-07-26 09:21 - 00478108 _____ C:\WINDOWS\setupact.log
2013-08-30 16:48 - 2013-08-30 16:48 - 00163057 _____ C:\Users\Philipp\AppData\Roaming\2433f433
2013-08-30 16:48 - 2013-08-30 16:48 - 00163040 _____ C:\Users\Philipp\AppData\Local\2433f433
2013-08-30 16:48 - 2013-08-30 16:48 - 00163037 _____ C:\ProgramData\2433f433
2013-08-30 16:18 - 2013-05-29 17:35 - 00000000 ____D C:\Users\Philipp\AppData\Local\TSVNCache
2013-08-27 10:07 - 2013-05-29 13:28 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2013-08-26 19:39 - 2013-05-29 17:04 - 00000000 ____D C:\Users\Philipp\Desktop\Bachelor Arbeit
2013-08-26 14:32 - 2013-05-29 13:30 - 00000000 ____D C:\Users\Philipp\AppData\Local\CrashDumps
2013-08-26 13:52 - 2013-06-19 12:30 - 00000000 ____D C:\Users\Philipp\Documents\Visual Studio 2012
2013-08-25 17:40 - 2013-07-21 16:01 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DDCF986B-867E-432C-82A7-156031F46DEF}
2013-08-25 17:37 - 2013-06-04 14:57 - 00000000 ___RD C:\Users\Philipp\SkyDrive
2013-08-24 11:15 - 2013-06-20 10:55 - 00077312 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2013-08-24 10:50 - 2013-07-16 22:58 - 00007168 ___SH C:\Users\Philipp\Downloads\Thumbs.db
2013-08-22 23:23 - 2013-07-19 11:31 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\vlc
2013-08-21 20:37 - 2012-07-26 12:27 - 00866656 _____ C:\WINDOWS\system32\perfh007.dat
2013-08-21 20:37 - 2012-07-26 12:27 - 00198116 _____ C:\WINDOWS\system32\perfc007.dat
2013-08-21 20:37 - 2012-07-26 09:28 - 02035840 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-16 22:46 - 2013-05-29 17:03 - 00000000 ____D C:\Users\Philipp\Desktop\Adobe Photoshop CS5
2013-08-16 16:42 - 2013-08-16 16:42 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Program Files (x86)\PC Remote
2013-08-16 15:44 - 2013-08-16 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Unity
2013-08-16 15:27 - 2013-08-16 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 15:27 - 2013-05-29 14:50 - 00029862 _____ C:\WINDOWS\PFRO.log
2013-08-16 15:26 - 2012-07-26 07:26 - 14155776 ___SH C:\WINDOWS\system32\config\BBI
2013-08-16 14:52 - 2013-08-16 14:52 - 00003029 _____ C:\WINDOWS\avmadd32.log
2013-08-16 14:52 - 2013-08-16 14:52 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-08-16 13:45 - 2013-08-16 13:45 - 00000000 ____D C:\Users\Philipp\AppData\Local\Macromedia
2013-08-16 13:44 - 2013-08-16 13:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-16 12:09 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-08-15 11:05 - 2013-06-04 13:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-08-15 10:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-15 10:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-14 22:18 - 2013-07-26 14:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 20:28 - 2013-05-30 19:21 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 19:42 - 2013-06-04 15:20 - 00002037 _____ C:\Users\Philipp\Desktop\SkyDrive - Verknüpfung.lnk
2013-08-14 19:30 - 2013-06-04 13:54 - 00002291 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-08-12 00:00 - 2013-08-12 00:00 - 00000162 ____H C:\Users\Philipp\Desktop\~$ Forlage 1.dotx
2013-08-11 23:59 - 2013-06-04 15:23 - 00000000 ____D C:\Users\Philipp\Documents\Benutzerdefinierte Office-Vorlagen
2013-08-07 13:13 - 2013-05-29 17:04 - 00000000 ____D C:\Users\Philipp\Desktop\Coding
2013-08-06 00:22 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF

Files to move or delete:
====================
C:\Users\Philipp\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Philipp\AppData\Local\Temp\ose00000.exe
C:\Users\Philipp\AppData\Local\Temp\UnityWebPlayer2204880514251934890.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\ShutdownBlocker.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\VCLoader.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\VECt.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\ATL90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\ATL90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\oscdimg.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOInstallAppsDrivers.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOUtility.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\oscdimg.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOInstallAppsDrivers.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOUtility.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{45E7B453-2692-4F51-AB29-4EC4F6E1AA3E}\setup.exe
C:\Users\Philipp\AppData\Local\Temp\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}\adobe_caps.dll
C:\Users\Philipp\AppData\Local\Temp\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}\amtservices.dll
C:\Users\Philipp\AppData\Local\Temp\{0D463652-D1AA-46CB-A8A5-0E2A9D9F02FE}\{28006915-2739-4EBE-B5E8-49B25D32EB33}\InstallHelper.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\BootstrapperCore.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\ManagedUx.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\mbahost.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\mbapreq.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\sqmapi.dll
C:\Users\Philipp\AppData\Local\Temp\VLC\vlc-2.0.7-win64.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-ed806cff-22d2-44e0-827d-c5e5db559e83\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-e752c7b5-ede3-4461-b16b-63dc23ac0e5a\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-c7e452ae-cf98-4394-b563-ac483c72ed16\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-aaef3ff2-22f4-4886-a199-8cfada08c71e\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-a0f8a044-5e58-4031-9fd7-1fbb13b5f001\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-9779a80b-be1f-4ae2-8545-6843288a0b86\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-7bdc31b7-d03f-450a-a422-bbd3946ed8e6\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-6a0dd782-c0c7-46f8-bd36-98c98ca29789\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5d3e50e0-459f-4765-abc2-870286fc6c7e\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5b6f7d6f-5c48-4559-a9e5-04d251840841\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5afa9164-4dd1-40d3-828f-eea6b1476fb4\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-4fdff6d1-fc18-4115-9e99-84a947d17364\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-478f36a9-7c4b-4dba-8b9c-4256925c7d40\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-463aa262-94e4-4b59-bd79-92f54686d2f3\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-17997bed-50f8-407f-8cce-cb0e2b3a04d5\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\Temp1_NO$GBA.2.6a.zip\NO$GBA_2.6a\NO$GBA.EXE
C:\Users\Philipp\AppData\Local\Temp\temp-android-tool\lib\SDK Manager.exe
C:\Users\Philipp\AppData\Local\Temp\swtlib-64\swt-win32-3550.dll
C:\Users\Philipp\AppData\Local\Temp\swtlib-32\swt-win32-3550.dll
C:\Users\Philipp\AppData\Local\Temp\Setup00000050\OSETUP.DLL
C:\Users\Philipp\AppData\Local\Temp\Setup00000050\OSETUPUI.DLL
C:\Users\Philipp\AppData\Local\Temp\nsy939E.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsy939E.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsm1B56.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsm1B56.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsh825D.tmp\DropboxNSISTools.dll
C:\Users\Philipp\AppData\Local\Temp\nsh825D.tmp\UAC.dll
C:\Users\Philipp\AppData\Local\Temp\nsdEDC9.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsdEDC9.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsdC557.tmp\DropboxNSISTools.dll
C:\Users\Philipp\AppData\Local\Temp\nsdC557.tmp\UAC.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\mono-1-vc.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\webplayer_win.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\wrap_oal.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 11:01

==================== End Of Log ============================
         
--- --- ---




Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013
Ran by Philipp at 2013-08-30 19:36:54
Running from C:\Users\Philipp\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727)
 Tools for .Net 3.5 (x32 Version: 3.11.50727)
Adobe AIR (x32 Version: 2.7.0.19460)
Adobe Flash Player 11 ActiveX (x64) (Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
AMD APP SDK Runtime (Version: 2.4.595.10)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.154)
ArcSoft WebCam Companion 4 (x32 Version: 4.0.21.457)
Atheros WiFi Driver Installation (x32 Version: 3.0)
ATI Catalyst Install Manager (Version: 3.0.825.0)
AVM FRITZ!Box Dokumentation (x32)
Bamboo Dock (x32 Version: 4.1)
Bamboo Dock (x32 Version: 4.1.0)
Bing Bar (x32 Version: 7.0.850.0)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0)
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0)
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2011.0630.809.12749)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.809.12749)
Catalyst Control Center InstallProxy (x32 Version: 2011.0630.809.12749)
Catalyst Control Center Localization All (x32 Version: 2011.0630.809.12749)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0630.809.12749)
CCC Help Chinese Standard (x32 Version: 2011.0630.0808.12749)
CCC Help Chinese Traditional (x32 Version: 2011.0630.0808.12749)
CCC Help Czech (x32 Version: 2011.0630.0808.12749)
CCC Help Danish (x32 Version: 2011.0630.0808.12749)
CCC Help Dutch (x32 Version: 2011.0630.0808.12749)
CCC Help English (x32 Version: 2011.0630.0808.12749)
CCC Help Finnish (x32 Version: 2011.0630.0808.12749)
CCC Help French (x32 Version: 2011.0630.0808.12749)
CCC Help German (x32 Version: 2011.0630.0808.12749)
CCC Help Greek (x32 Version: 2011.0630.0808.12749)
CCC Help Hungarian (x32 Version: 2011.0630.0808.12749)
CCC Help Italian (x32 Version: 2011.0630.0808.12749)
CCC Help Japanese (x32 Version: 2011.0630.0808.12749)
CCC Help Korean (x32 Version: 2011.0630.0808.12749)
CCC Help Norwegian (x32 Version: 2011.0630.0808.12749)
CCC Help Polish (x32 Version: 2011.0630.0808.12749)
CCC Help Portuguese (x32 Version: 2011.0630.0808.12749)
CCC Help Russian (x32 Version: 2011.0630.0808.12749)
CCC Help Spanish (x32 Version: 2011.0630.0808.12749)
CCC Help Swedish (x32 Version: 2011.0630.0808.12749)
CCC Help Thai (x32 Version: 2011.0630.0808.12749)
CCC Help Turkish (x32 Version: 2011.0630.0808.12749)
ccc-utility64 (Version: 2011.0630.809.12749)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727)
Dolby Home Theater v4 (x32 Version: 7.2.7000.6)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298)
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298)
dows-Treiberpaket - Ricoh Company SD Host Controller (07/10/2012 6.20.13.42) (Version: 07/10/2012 6.20.13.42)
Dropbox (HKCU Version: 2.0.22)
Entity Framework Designer für Visual Studio 2012 - DEU (x32 Version: 11.1.21009.00)
Erforderliche Komponenten für SSDT  (x32 Version: 11.0.2100.60)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001)
Java Auto Updater (x32 Version: 2.0.6.1)
Java(TM) 6 Update 27 (64-bit) (Version: 6.0.270)
Java(TM) 6 Update 27 (x32 Version: 6.0.270)
JavaScript Tooling (Version: 11.0.60315)
JavaScript Tooling (x32 Version: 11.0.60315)
KUx86 (x32 Version: 1.0.0)
LocalESPC (x32 Version: 8.59.25584)
LocalESPCui for de-de (x32 Version: 8.59.25584)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709)
Microsoft ASP.NET MVC 3 - DEU (x32 Version: 3.0.20105.0)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - DEU (x32 Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 (x32 Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0)
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0)
Microsoft ASP.NET Web Pages - DEU (x32 Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - DEU (x32 Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages (x32 Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0)
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0)
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (x32 Version: 2.0.20525.0)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727)
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727)
Microsoft LightSwitch for Visual Studio 2012 v3.0 Core (x32 Version: 11.0.60308)
Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - DEU (x32 Version: 11.0.60308)
Microsoft LightSwitch für Visual Studio 2012 CoreRes - DEU (x32 Version: 11.0.50727)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003)
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4517.1509)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017)
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft OneNote 2013 (x32 Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.60130.00)
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 11.0.50709.17929)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16)
Microsoft Report Viewer Add-On für Visual Studio 2012 (x32 Version: 11.1.2802.16)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Silverlight 4 SDK - Deutsch (x32 Version: 4.0.60310.0)
Microsoft Silverlight 5 SDK - DEU (x32 Version: 5.0.61118.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.0.2316.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service  (x32 Version: 11.0.2100.60)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (x32 Version: 11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (x32 Version: 11.1.20627.00)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1600.1)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.60315)
Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.60315)
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60315)
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.60315)
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60315)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727)
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 11.0.50727)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.60315)
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.60315)
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.60315)
Microsoft Visual Studio 2012 IntelliTraceFrontEndLoc (x32 Version: 11.0.60315)
Microsoft Visual Studio 2012 IntelliTraceLoc (Version: 11.0.60315)
Microsoft Visual Studio 2012 IntelliTraceLoc (x32 Version: 11.0.60315)
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools DEU Language Pack (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1)
Microsoft Visual Studio 2012-Leistungserfassungstools - DEU (Version: 11.0.50727)
Microsoft Visual Studio 2012-Leistungserfassungstools (Version: 11.0.50727)
Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727)
Microsoft Visual Studio Premium 2012 - DEU (x32 Version: 11.0.50727)
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 - DEU (x32 Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.60315)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.60315)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - DEU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 - DEU (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727.1)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Deploy dbSqlPackage Provider - DEU (x32 Version: 10.3.20225.0)
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 - deu (x32 Version: 1.2.40308.0)
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 (x32 Version: 1.2.40308.0)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1622)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.0.2100.60)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.0.2100.60)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Networkx64 (Version: 1.0.0)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4517.1509)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1509)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4517.1509)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017)
PC Remote (x32 Version: 3.44)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1)
PX Profile Update (x32 Version: 1.00.1.)
PYV_x86 (x32 Version: 1.0.0)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Quick Web Access (x32 Version: 1.4.8.1)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6526)
Remote Play with PlayStation(R)3 (x32 Version: 1.1.0.21090)
Restore (x32 Version: 1.0.0)
Secure Download Manager (x32 Version: 3.1.0)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
TortoiseSVN 1.7.12.24070 (64 bit) (Version: 1.7.24070)
TrackID(TM) with BRAVIA (x32 Version: 1.2.0.09270)
Unity Web Player (HKCU Version: )
Update for  (KB2504637) (x32 Version: 1)
Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (x32)
Update for Microsoft Lync 2013 (KB2817621) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2727096) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2737954) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2752101) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760538) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767851) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2767860) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2810010) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817320) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817482) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817489) 32-Bit Edition (x32)
Update for Microsoft Office 2013 (KB2817492) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (x32)
Update for Microsoft OneNote 2013 (KB2817467) 32-Bit Edition (x32)
Update for Microsoft Outlook 2013 (KB2817629) 32-Bit Edition (x32)
Update for Microsoft SkyDrive Pro (KB2817622) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (x32)
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.51219)
VAIO Care (Version: 8.0.0.08150)
VAIO Control Center (x32 Version: 6.0.1.08290)
VAIO Data Restore Tool (x32 Version: 1.10.1.08030)
VAIO Data Restore Tool (x32 Version: 1.8.0.09210)
VAIO Gate (x32 Version: 2.4.1.09230)
VAIO Smart Network (x32 Version: 3.12.0.08100)
VAIO-Support für Übertragungen (x32 Version: 1.8.0.08212)
VCCx64 (Version: 1.0.0)
VCCx86 (x32 Version: 1.0.0)
VHD (x32 Version: 1.0.0)
Visual Studio 2012 Prerequisites - DEU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Visual Studio 2012 Update 2 (KB2707250) (x32 Version: 11.0.60315)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9201.20602)
VLC media player 2.0.7 (Version: 2.0.7)
VPMx64 (Version: 1.0.0)
VSNx64 (Version: 1.0.0)
VSNx86 (x32 Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (x32 Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
Wacom (Version: 5.3.2-1)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0)
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0)
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0)
WCF RIA Services V1.0 SP2 (x32 Version: 4.1.61829.0)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2)
Windows App Certification Kit Native Components (Version: 8.59.29736)
Windows App Certification Kit x64 (x32 Version: 8.59.29750)
Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012 (x32 Version: 1.8.60301.1601)
Windows Azure Tools für LightSwitch HTML Client für Visual Studio 2012 (DEU) (x32 Version: 1.8.60301.1601)
Windows Runtime Intellisense Content - de-de (x32 Version: 8.59.25584)
Windows Software Development Kit (x32 Version: 8.59.25584)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584)
Windows XP Targeting with C++ (Version: 11.0.51106)
Windows XP Targeting with C++ (x32 Version: 11.0.51106)
Windows-Treiberpaket - Ricoh Company MS Host Controller (07/20/2012 6.20.13.30) (Version: 07/20/2012 6.20.13.30)

==================== Restore Points  =========================

16-08-2013 14:34:11 Geplanter Prüfpunkt
25-08-2013 16:01:06 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {041F44E8-9BEA-46EF-98F7-BF55EFA6606E} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2012-07-26] (Microsoft Corporation)
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2012-07-26] (Microsoft Corporation)
Task: {0A2CB163-06CB-4B98-BC99-E1E1EFAB6183} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-16] (Adobe Systems Incorporated)
Task: {0F8314D5-0615-4FA0-A024-96DD999D7543} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {115A30F5-9629-4E2E-993E-F2EF77734558} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2012-11-27] (Microsoft Corporation)
Task: {119BF46E-9AEF-4616-AF52-5BD6BDC34729} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {129FD173-2072-41D6-8B8E-58F4B2CFFC26} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe No File
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {1593E586-C8F6-42BD-903F-8007BE704A6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1F26BB17-04C6-4CD5-8102-7CAE5F3BD8D0} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2064051930-2490225573-4070465005-1001 => C:\Windows\System32\portabledeviceapi.dll [2012-07-26] (Microsoft Corporation)
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {2466F5AA-1492-4B6F-A1E8-51CD4DB7AD52} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {29099290-449D-4573-8606-F692B320E352} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {307D8C75-FDA3-49D3-AA9F-DB79F405FB59} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2012-07-26] (Microsoft Corporation)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {382A0333-D1F4-4E88-A7F0-11A92FF552F6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-09] (Microsoft Corporation)
Task: {3991B111-7DEB-4582-A071-548384A64D26} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-08-14] (Microsoft Corporation)
Task: {3AA3CAB6-E07B-4D2F-8C24-D8A746472980} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe No File
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3AED3506-8B3C-49A3-B3E2-23C36FA92E7E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe No File
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {46CAFBA5-2BB7-45F4-B83E-D26140548E1C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe No File
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {495FDEB6-BB95-41E1-BEBD-8CCB6DBD3669} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4D8CC1E8-F7F6-4539-AD3B-08EE80BD63A8} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {4F9124DD-176D-4A0F-9A22-CAECAAA1772E} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {5100232A-D86B-4FFD-88BD-6E4BDDA7ABB6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {529EA6F8-ED33-42F4-BFB7-398A0F5004F0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe No File
Task: {56A00039-29D6-432A-A263-7B904D37DD56} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe No File
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {58295A5B-5EAE-4B8C-8FB4-E43DA055FA47} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2064051930-2490225573-4070465005-1001
Task: {5B323407-BB37-46F1-A92F-DF5CBBF92AD4} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-05-29] (Sony Corporation)
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5FD494A9-5601-4479-9059-24883254F43F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe No File
Task: {60FF971D-2C9F-4601-8764-CD09052B9CA6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe No File
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {66B40F74-46A7-4B71-8704-9F8EEBFCF03E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {67229DF8-B971-4F31-933D-0FD466D45DE1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2012-07-26] (Microsoft Corporation)
Task: {68A04641-BB86-4D1C-AA6A-A9AC67F3D7C0} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-23] (Sony Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {774B56F7-94E0-46C6-B5EF-5C97ECA16CB9} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {778B5669-0131-42D1-82CA-9CE7FE0B4B67} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient No File
Task: {79D80217-71D3-4F75-AC0E-5415E674E545} - System32\Tasks\User_Feed_Synchronization-{DDCF986B-867E-432C-82A7-156031F46DEF} => C:\WINDOWS\system32\msfeedssync.exe [2012-07-26] (Microsoft Corporation)
Task: {7D59C31C-A14C-4DE0-B60C-9F2C3BFD23E3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe No File
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {885AB106-944F-4A82-BC88-1C80F00FBC37} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9E140DFA-CCAA-49F8-976B-DA85AAAC31C7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe No File
Task: {A4C851F0-7274-4BDE-89B0-4609A6798447} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {A8CF5AA7-9A33-43D0-8D14-C0D2DA4AEF64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {AADDFB37-4A28-4AE6-8E38-B250F1514DD5} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AC9ACD35-2232-4C9E-B36A-65841D63B110} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Windows\System32\net No File
Task: {ADC47EC0-F8BF-437A-8F96-1EC9C17DBCA7} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B13A25E8-0F7F-4040-8111-E35759055FC3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe No File
Task: {B2224EB2-5DD4-44FC-BE65-095FC2F4A041} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe No File
Task: {B9B07EDA-F259-4929-A953-AC9BC47A6638} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BEB2E9E6-5791-4706-8C5B-BC681139FE8A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe No File
Task: {BFE2BC77-52DF-4959-AF14-54B357DBE31A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe No File
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C391A8D1-7229-4E06-A074-47DE6094FE89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {C3C22889-18E2-4138-92F7-A5CCCFDD60D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C4EBE89E-E8D2-4D4E-8AD6-85579913BFA4} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-23] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DDF89D97-20A6-48DA-B329-4EC27D96B26F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E1BD9EE9-5A94-4E2B-830A-1BCB2D606B6E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe No File
Task: {E265D230-13E4-46B3-9BAF-99461140603E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe No File
Task: {E29C5B85-F730-4B7E-9DD1-C307F403BDA9} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2013-07-02] (Microsoft Corporation)
Task: {E3AD3E1D-D143-4C2A-9640-DED9C136F9B5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe No File
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E5AF74D9-4E90-4939-9741-60358E8000CA} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2012-07-26] (Microsoft Corporation)
Task: {E7EFE2D2-BD0C-4F40-BF59-D0DFE9B9B15C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PHILIPP-VAIO-Philipp Philipp-VAIO => C:\Program Files\Microsoft Office 15\root\Office15\MsoSync.exe [2013-08-14] (Microsoft Corporation)
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {EFCA1F1B-A127-4656-9AD7-CE0B1D011A45} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe No File
Task: {F3F08F5B-8270-4F0D-8ADD-526BE8B3D803} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {FE0D933C-B556-4849-B855-D6BCEF99A275} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {FF41B7CA-8940-46B4-AF7A-9CD77F1ECE60} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe No File
Task: {FFAF66AE-5686-4510-B986-69931DBED55B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe No File
Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Philipp\Desktop\Thumbs.db:encryptable
AlternateDataStreams: C:\Users\Philipp\Downloads\Thumbs.db:encryptable


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: AMD Radeon 6600M and 6700M Series (Microsoft Corporation - WDDM v1.20)
Description: AMD Radeon 6600M and 6700M Series (Microsoft Corporation - WDDM v1.20)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdap
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (08/30/2013 06:39:19 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1074

Startzeit: 01cea59f5112092c

Endzeit: 4294967295

Anwendungspfad: C:\Users\Philipp\Desktop\OTL.exe

Berichts-ID: b6ab489d-1192-11e3-be81-f0bf97ed89ea

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/30/2013 06:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1296) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU00405.log.

Error: (08/30/2013 05:51:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PHILIPP-VAIO)
Description: Die App „DefaultBrowser_NOPUBLISHERID!Microsoft.InternetExplorer.Default“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (08/30/2013 05:01:56 PM) (Source: WTabletServiceCon) (User: )
Description: Prefs: Failed to get user path

Error: (08/30/2013 04:53:59 PM) (Source: WTabletServiceCon) (User: )
Description: Prefs: Failed to get user path

Error: (08/30/2013 04:05:03 PM) (Source: ESENT) (User: )
Description: taskhostex (40364) Versuch, Datei "C:\Users\Philipp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (08/29/2013 02:56:56 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: twinui.dll, Version: 6.2.9200.16604, Zeitstempel: 0x5184a60b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000a43e6
ID des fehlerhaften Prozesses: 0xbc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (08/29/2013 02:19:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PHILIPP-VAIO)
Description: Die App „DefaultBrowser_NOPUBLISHERID!Microsoft.InternetExplorer.Default“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (08/29/2013 09:34:20 AM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d70

Startzeit: 01cea48a0a7ca1be

Endzeit: 0

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: 5c0c34cf-107d-11e3-be81-f0bf97ed89ea

Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic

Error: (08/29/2013 08:32:32 AM) (Source: ESENT) (User: )
Description: taskhostex (2952) Versuch, Datei "C:\Users\Philipp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.


System errors:
=============
Error: (08/30/2013 05:48:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "risdsnpe" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/30/2013 05:48:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "rimspci" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/30/2013 05:28:04 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (08/30/2013 05:28:04 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {78FD0120-D39C-45D8-A9BE-2B802B3C23E5}

Error: (08/30/2013 05:08:15 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/30/2013 04:54:35 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/30/2013 04:49:41 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/29/2013 05:18:06 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/28/2013 06:27:41 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/27/2013 10:43:52 PM) (Source: DCOM) (User: PHILIPP-VAIO)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (08/30/2013 06:39:19 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0107401cea59f5112092c4294967295C:\Users\Philipp\Desktop\OTL.exeb6ab489d-1192-11e3-be81-f0bf97ed89ea

Error: (08/30/2013 06:00:00 PM) (Source: ESENT)(User: )
Description: svchost1296SRUJet: C:\WINDOWS\system32\SRU\SRU00405.log-1811 (0xfffff8ed)

Error: (08/30/2013 05:51:11 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PHILIPP-VAIO)
Description: DefaultBrowser_NOPUBLISHERID!Microsoft.InternetExplorer.Default

Error: (08/30/2013 05:01:56 PM) (Source: WTabletServiceCon)(User: )
Description: Prefs: Failed to get user path

Error: (08/30/2013 04:53:59 PM) (Source: WTabletServiceCon)(User: )
Description: Prefs: Failed to get user path

Error: (08/30/2013 04:05:03 PM) (Source: ESENT)(User: )
Description: taskhostex40364C:\Users\Philipp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (08/29/2013 02:56:56 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.166045184a60bc000000500000000000a43e6bc01cea48182c345daC:\WINDOWS\Explorer.EXEC:\Windows\System32\twinui.dll7b4a9d62-10aa-11e3-be81-f0bf97ed89ea

Error: (08/29/2013 02:19:21 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PHILIPP-VAIO)
Description: DefaultBrowser_NOPUBLISHERID!Microsoft.InternetExplorer.Default

Error: (08/29/2013 09:34:20 AM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.164201d7001cea48a0a7ca1be0C:\WINDOWS\system32\wwahost.exe5c0c34cf-107d-11e3-be81-f0bf97ed89eaMicrosoft.ZuneMusic_1.4.18.0_x64__8wekyb3d8bbweMicrosoft.ZuneMusic

Error: (08/29/2013 08:32:32 AM) (Source: ESENT)(User: )
Description: taskhostex2952C:\Users\Philipp\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


CodeIntegrity Errors:
===================================
  Date: 2013-07-13 19:22:53.303
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\repository\Microsoft.VisualBas#\59b793b04e8a7adeac7f1f8376c970fa\Microsoft.VisualBasic.Compatibility.Data.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-21 15:24:15.696
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\repository\Microsoft.VisualBas#\59b793b04e8a7adeac7f1f8376c970fa\Microsoft.VisualBasic.Compatibility.Data.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-17 14:32:05.732
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-17 14:32:05.560
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-17 14:32:05.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-17 14:32:05.435
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\repository\Microsoft.VisualBas#\59b793b04e8a7adeac7f1f8376c970fa\Microsoft.VisualBasic.Compatibility.Data.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-17 14:32:05.279
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-17 14:32:05.248
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-17 14:32:05.185
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

  Date: 2013-06-17 14:32:02.457
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 6055.13 MB
Available physical RAM: 3820.95 MB
Total Pagefile: 12199.13 MB
Available Pagefile: 9863.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:208.17 GB) (Free:92.23 GB) NTFS
Drive f: (VS2012_ULT_MSDN_DEU) (CDROM) (Total:1.54 GB) (Free:0 GB) CDFS
Drive s: (Volume) (Fixed) (Total:68.36 GB) (Free:31.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 3B3D7211)
Partition 1: (Not Active) - (Size=21 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=208 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=68 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
__________________

30.08.2013, 20:51   #4
schrauber
/// the machine
/// TB trainer
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan, and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please turn off your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

30.08.2013, 21:43   #5
philiomanie
 



Turn the security software back on?

Here are the logs:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.30.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Philipp :: PHILIPP-VAIO [Administrator]

Schutz: Aktiviert

30.08.2013 22:03:58
mbam-log-2013-08-30 (22-03-58).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 259987
Laufzeit: 7 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\ProgramData\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Philipp\AppData\Roaming\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Philipp\AppData\Local\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.001 - Report created 30/08/2013 at 22:25:54
# Updated 24/08/2013 by Xplode
# Operating System : Windows 8 Pro  (64 bits)
# Username : Philipp - PHILIPP-VAIO
# Running from : C:\Users\Philipp\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


*************************

AdwCleaner[R0].txt - [792 octets] - [30/08/2013 22:18:11]
AdwCleaner[R1].txt - [851 octets] - [30/08/2013 22:25:29]
AdwCleaner[S0].txt - [775 octets] - [30/08/2013 22:25:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [834 octets] ##########
         


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows 8 Pro x64
Ran by Philipp on 30.08.2013 at 22:33:19,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}



~~~ Files

Successfully deleted: [File] "C:\Users\Philipp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.08.2013 at 22:38:26,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by Philipp (administrator) on 30-08-2013 22:40:22
Running from C:\Users\Philipp\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\WINDOWS\system32\backgroundTaskHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-12-26] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-13] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-29] (Synaptics Incorporated)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [SkyDrive] - C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)
HKCU\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64] - C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64" [404992 2012-07-26] (Microsoft Corporation)
MountPoints2: {0cb7c45e-c86b-11e2-be69-642737b0fea6} - "F:\vs_ultimate.exe" 
MountPoints2: {50d08395-c85e-11e2-be66-806e6f6e6963} - "D:\FSetup.exe" 
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-20] (Sony Corporation)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bing.de/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-13] (Qualcomm Atheros Commnucations)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 uCamMonitor; c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-13] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-13] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-08-13] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-29] (DT Soft Ltd)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-07-26] (REDC)
S2 risdsnpe; C:\Windows\system32\DRIVERS\risdsnxc64.sys [104960 2012-07-10] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-07-10] (REDC)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-29] (Synaptics Incorporated)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
U3 idsvc; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-30 22:33 - 2013-08-30 22:33 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-30 22:32 - 2013-08-30 22:32 - 01023533 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe
2013-08-30 22:29 - 2013-08-30 22:29 - 00000917 _____ C:\Users\Philipp\Desktop\AdwCleaner[S0].txt
2013-08-30 22:18 - 2013-08-30 22:25 - 00000000 ____D C:\AdwCleaner
2013-08-30 22:16 - 2013-08-30 22:16 - 00994642 _____ C:\Users\Philipp\Desktop\adwcleaner.exe
2013-08-30 22:00 - 2013-08-30 22:00 - 00001073 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-30 22:00 - 2013-08-30 22:00 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Malwarebytes
2013-08-30 21:59 - 2013-08-30 22:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 21:59 - 2013-08-30 21:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Philipp\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-30 21:59 - 2013-08-30 21:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 21:59 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-08-30 19:36 - 2013-08-30 19:37 - 00053170 _____ C:\Users\Philipp\Desktop\Addition.txt
2013-08-30 19:36 - 2013-08-30 19:36 - 00000000 ____D C:\FRST
2013-08-30 19:35 - 2013-08-30 19:35 - 01579080 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2013-08-30 18:49 - 2013-08-30 18:49 - 00098348 _____ C:\Users\Philipp\Desktop\Extras.Txt
2013-08-30 18:48 - 2013-08-30 18:48 - 00088688 _____ C:\Users\Philipp\Desktop\OTL.Txt
2013-08-30 18:36 - 2013-08-30 18:36 - 00602112 _____ (OldTimer Tools) C:\Users\Philipp\Desktop\OTL.exe
2013-08-23 19:16 - 2012-01-12 10:27 - 1943209565 _____ C:\Users\Philipp\Desktop\Der Club der toten Dichter.720p.AC3.mkv
2013-08-21 20:32 - 2013-02-25 22:46 - 321371497 _____ C:\Users\Philipp\Desktop\Argo.720p.AC3.mkv
2013-08-16 16:42 - 2013-08-16 16:42 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Program Files (x86)\PC Remote
2013-08-16 15:44 - 2013-08-16 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Unity
2013-08-16 14:52 - 2013-08-16 14:52 - 00003029 _____ C:\WINDOWS\avmadd32.log
2013-08-16 14:52 - 2013-08-16 14:52 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-08-16 14:52 - 2006-12-14 13:42 - 00069120 ____R (AVM Berlin) C:\WINDOWS\SysWOW64\avmadd32.dll
2013-08-16 13:45 - 2013-08-16 13:45 - 00000000 ____D C:\Users\Philipp\AppData\Local\Macromedia
2013-08-16 13:44 - 2013-08-30 21:58 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-16 13:44 - 2013-08-16 13:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-08-16 13:41 - 2013-08-16 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-14 19:41 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-08-14 19:41 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-08-14 19:41 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-08-14 19:41 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-08-14 19:41 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-08-14 19:41 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-08-14 19:41 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-08-14 19:41 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-08-14 19:41 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-08-14 19:41 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-08-14 19:41 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-08-14 19:41 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2013-08-14 19:41 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2013-08-14 19:41 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2013-08-14 19:41 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2013-08-14 19:40 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-08-14 19:40 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-08-14 19:40 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-08-14 19:40 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-08-14 19:40 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2013-08-14 19:40 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2013-08-14 19:40 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2013-08-14 19:40 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2013-08-12 00:00 - 2013-08-12 00:00 - 00000162 ____H C:\Users\Philipp\Desktop\~$ Forlage 1.dotx

==================== One Month Modified Files and Folders =======

2013-08-30 22:39 - 2013-06-04 14:42 - 00005160 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for PHILIPP-VAIO-Philipp Philipp-VAIO
2013-08-30 22:39 - 2013-05-29 15:19 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2064051930-2490225573-4070465005-1001
2013-08-30 22:38 - 2013-08-30 22:38 - 00001229 _____ C:\Users\Philipp\Desktop\JRT.txt
2013-08-30 22:33 - 2013-08-30 22:33 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-30 22:32 - 2013-08-30 22:32 - 01023533 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe
2013-08-30 22:29 - 2013-08-30 22:29 - 00000917 _____ C:\Users\Philipp\Desktop\AdwCleaner[S0].txt
2013-08-30 22:28 - 2013-06-04 14:57 - 00000000 ___RD C:\Users\Philipp\SkyDrive
2013-08-30 22:27 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-30 22:27 - 2012-07-26 09:21 - 00479402 _____ C:\WINDOWS\setupact.log
2013-08-30 22:26 - 2012-07-26 07:26 - 21233664 ___SH C:\WINDOWS\system32\config\BBI
2013-08-30 22:25 - 2013-08-30 22:18 - 00000000 ____D C:\AdwCleaner
2013-08-30 22:16 - 2013-08-30 22:16 - 00994642 _____ C:\Users\Philipp\Desktop\adwcleaner.exe
2013-08-30 22:00 - 2013-08-30 22:00 - 00001073 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-30 22:00 - 2013-08-30 22:00 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Malwarebytes
2013-08-30 22:00 - 2013-08-30 21:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-08-30 21:59 - 2013-08-30 21:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Philipp\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-30 21:59 - 2013-08-30 21:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 21:58 - 2013-08-16 13:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-30 19:50 - 2013-05-29 15:07 - 01872210 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-30 19:37 - 2013-08-30 19:36 - 00053170 _____ C:\Users\Philipp\Desktop\Addition.txt
2013-08-30 19:36 - 2013-08-30 19:36 - 00000000 ____D C:\FRST
2013-08-30 19:35 - 2013-08-30 19:35 - 01579080 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2013-08-30 18:49 - 2013-08-30 18:49 - 00098348 _____ C:\Users\Philipp\Desktop\Extras.Txt
2013-08-30 18:48 - 2013-08-30 18:48 - 00088688 _____ C:\Users\Philipp\Desktop\OTL.Txt
2013-08-30 18:46 - 2013-06-28 14:54 - 00000000 ____D C:\Users\DefaultAppPool
2013-08-30 18:46 - 2013-05-29 13:28 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-30 18:46 - 2012-07-26 10:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-30 18:44 - 2013-05-29 18:02 - 00000000 ____D C:\Users\Philipp\AppData\Local\Microsoft Help
2013-08-30 18:38 - 2013-05-29 15:10 - 00000000 ____D C:\Users\Philipp\AppData\Local\Packages
2013-08-30 18:38 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\registration
2013-08-30 18:36 - 2013-08-30 18:36 - 00602112 _____ (OldTimer Tools) C:\Users\Philipp\Desktop\OTL.exe
2013-08-30 18:36 - 2013-05-29 18:01 - 00000000 __RHD C:\MSOCache
2013-08-30 18:35 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-08-30 18:30 - 2013-05-29 15:08 - 00000000 __SHD C:\Recovery
2013-08-30 17:49 - 2013-05-29 14:56 - 00000000 ____D C:\Users\Philipp
2013-08-30 16:18 - 2013-05-29 17:35 - 00000000 ____D C:\Users\Philipp\AppData\Local\TSVNCache
2013-08-27 10:07 - 2013-05-29 13:28 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2013-08-26 19:39 - 2013-05-29 17:04 - 00000000 ____D C:\Users\Philipp\Desktop\Bachelor Arbeit
2013-08-26 14:32 - 2013-05-29 13:30 - 00000000 ____D C:\Users\Philipp\AppData\Local\CrashDumps
2013-08-26 13:52 - 2013-06-19 12:30 - 00000000 ____D C:\Users\Philipp\Documents\Visual Studio 2012
2013-08-25 17:40 - 2013-07-21 16:01 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DDCF986B-867E-432C-82A7-156031F46DEF}
2013-08-24 11:15 - 2013-06-20 10:55 - 00077312 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2013-08-24 10:50 - 2013-07-16 22:58 - 00007168 ___SH C:\Users\Philipp\Downloads\Thumbs.db
2013-08-22 23:23 - 2013-07-19 11:31 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\vlc
2013-08-21 20:37 - 2012-07-26 12:27 - 00866656 _____ C:\WINDOWS\system32\perfh007.dat
2013-08-21 20:37 - 2012-07-26 12:27 - 00198116 _____ C:\WINDOWS\system32\perfc007.dat
2013-08-21 20:37 - 2012-07-26 09:28 - 02035840 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-16 22:46 - 2013-05-29 17:03 - 00000000 ____D C:\Users\Philipp\Desktop\Adobe Photoshop CS5
2013-08-16 16:42 - 2013-08-16 16:42 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Program Files (x86)\PC Remote
2013-08-16 15:44 - 2013-08-16 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Unity
2013-08-16 15:27 - 2013-08-16 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 15:27 - 2013-05-29 14:50 - 00029862 _____ C:\WINDOWS\PFRO.log
2013-08-16 14:52 - 2013-08-16 14:52 - 00003029 _____ C:\WINDOWS\avmadd32.log
2013-08-16 14:52 - 2013-08-16 14:52 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-08-16 13:45 - 2013-08-16 13:45 - 00000000 ____D C:\Users\Philipp\AppData\Local\Macromedia
2013-08-16 13:44 - 2013-08-16 13:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-16 12:09 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-08-15 11:05 - 2013-06-04 13:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-08-15 10:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-15 10:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-14 22:18 - 2013-07-26 14:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 20:28 - 2013-05-30 19:21 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 19:42 - 2013-06-04 15:20 - 00002037 _____ C:\Users\Philipp\Desktop\SkyDrive - Verknüpfung.lnk
2013-08-14 19:30 - 2013-06-04 13:54 - 00002291 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-08-12 00:00 - 2013-08-12 00:00 - 00000162 ____H C:\Users\Philipp\Desktop\~$ Forlage 1.dotx
2013-08-11 23:59 - 2013-06-04 15:23 - 00000000 ____D C:\Users\Philipp\Documents\Benutzerdefinierte Office-Vorlagen
2013-08-07 13:13 - 2013-05-29 17:04 - 00000000 ____D C:\Users\Philipp\Desktop\Coding
2013-08-06 00:22 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF

Files to move or delete:
====================
C:\Users\Philipp\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Philipp\AppData\Local\Temp\ose00000.exe
C:\Users\Philipp\AppData\Local\Temp\Quarantine.exe
C:\Users\Philipp\AppData\Local\Temp\UnityWebPlayer2204880514251934890.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\ShutdownBlocker.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\VCLoader.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\VECt.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\ATL90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\ATL90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\oscdimg.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOInstallAppsDrivers.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOUtility.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\oscdimg.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOInstallAppsDrivers.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOUtility.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{45E7B453-2692-4F51-AB29-4EC4F6E1AA3E}\setup.exe
C:\Users\Philipp\AppData\Local\Temp\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}\adobe_caps.dll
C:\Users\Philipp\AppData\Local\Temp\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}\amtservices.dll
C:\Users\Philipp\AppData\Local\Temp\{0D463652-D1AA-46CB-A8A5-0E2A9D9F02FE}\{28006915-2739-4EBE-B5E8-49B25D32EB33}\InstallHelper.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\BootstrapperCore.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\ManagedUx.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\mbahost.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\mbapreq.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\sqmapi.dll
C:\Users\Philipp\AppData\Local\Temp\VLC\vlc-2.0.7-win64.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-ed806cff-22d2-44e0-827d-c5e5db559e83\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-e752c7b5-ede3-4461-b16b-63dc23ac0e5a\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-c7e452ae-cf98-4394-b563-ac483c72ed16\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-aaef3ff2-22f4-4886-a199-8cfada08c71e\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-a0f8a044-5e58-4031-9fd7-1fbb13b5f001\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-9779a80b-be1f-4ae2-8545-6843288a0b86\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-7bdc31b7-d03f-450a-a422-bbd3946ed8e6\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-6a0dd782-c0c7-46f8-bd36-98c98ca29789\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5d3e50e0-459f-4765-abc2-870286fc6c7e\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5b6f7d6f-5c48-4559-a9e5-04d251840841\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5afa9164-4dd1-40d3-828f-eea6b1476fb4\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-4fdff6d1-fc18-4115-9e99-84a947d17364\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-478f36a9-7c4b-4dba-8b9c-4256925c7d40\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-463aa262-94e4-4b59-bd79-92f54686d2f3\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-17997bed-50f8-407f-8cce-cb0e2b3a04d5\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\Temp1_NO$GBA.2.6a.zip\NO$GBA_2.6a\NO$GBA.EXE
C:\Users\Philipp\AppData\Local\Temp\temp-android-tool\lib\SDK Manager.exe
C:\Users\Philipp\AppData\Local\Temp\swtlib-64\swt-win32-3550.dll
C:\Users\Philipp\AppData\Local\Temp\swtlib-32\swt-win32-3550.dll
C:\Users\Philipp\AppData\Local\Temp\Setup00000050\OSETUP.DLL
C:\Users\Philipp\AppData\Local\Temp\Setup00000050\OSETUPUI.DLL
C:\Users\Philipp\AppData\Local\Temp\nsy939E.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsy939E.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsm1B56.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsm1B56.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsh825D.tmp\DropboxNSISTools.dll
C:\Users\Philipp\AppData\Local\Temp\nsh825D.tmp\UAC.dll
C:\Users\Philipp\AppData\Local\Temp\nsdEDC9.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsdEDC9.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsdC557.tmp\DropboxNSISTools.dll
C:\Users\Philipp\AppData\Local\Temp\nsdC557.tmp\UAC.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\mono-1-vc.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\webplayer_win.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\wrap_oal.dll
C:\Users\Philipp\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 11:01

==================== End Of Log ============================
         


31.08.2013, 13:18   #6
schrauber
/// the machine
/// TB-Ausbilder

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?

31.08.2013, 23:37   #7
philiomanie



So far the problems are gone. Unfortunately the online scan found 3 threats, so I guess we are not done yet?

The logs:


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d3db16a2e25b784ea6493e4aa46d184d
# engine=14965
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-31 10:17:04
# local_time=2013-09-01 12:17:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5893 16776573 100 94 107028 5270899 0 0
# scanned=421022
# found=3
# cleaned=0
# scan_time=25045
sh=0BDC86B1D75C6461E97589D9F8D13A25E58BC5C3 ft=1 fh=9ac1373c08faa68a vn="a variant of Win32/Injector.AKNK trojan" ac=I fn="C:\Users\Philipp\AppData\Local\Temp\hgscsu"
sh=9BC096EF6C62D0233AB06E8267A84BFE881860C8 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Philipp\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\d160a37-6d453130"
sh=12A96DFC9A013BBCF4BC4293B4147B6367AEBD04 ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.PLB trojan" ac=I fn="C:\Users\Philipp\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\7335fbfd-3927ca23"
         


Code:
ATTFilter
 Results of screen317's Security Check version 0.99.72  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Visual Studio Extensions for Windows Library for JavaScript 
 Java(TM) 6 Update 27  
 JavaScript Tooling    
 Java version out of Date! 
 Adobe Flash Player 	11.8.800.94  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MsMpEng.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 04
Ran by Philipp (administrator) on PHILIPP-VAIO on 01-09-2013 00:34:10
Running from C:\Users\Philipp\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(ArcSoft, Inc.) c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-12-26] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-13] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-29] (Synaptics Incorporated)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [SkyDrive] - C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)
HKCU\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64] - C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64" [404992 2012-07-26] (Microsoft Corporation)
MountPoints2: {0cb7c45e-c86b-11e2-be69-642737b0fea6} - "F:\vs_ultimate.exe" 
MountPoints2: {50d08395-c85e-11e2-be66-806e6f6e6963} - "D:\FSetup.exe" 
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-20] (Sony Corporation)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bing.de/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-13] (Qualcomm Atheros Commnucations)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 uCamMonitor; c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-13] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-13] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-08-13] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-29] (DT Soft Ltd)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-07-26] (REDC)
S2 risdsnpe; C:\Windows\system32\DRIVERS\risdsnxc64.sys [104960 2012-07-10] (REDC)
R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-07-10] (REDC)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-29] (Synaptics Incorporated)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
U3 idsvc; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-01 00:31 - 2013-09-01 00:31 - 00001001 _____ C:\Users\Philipp\Desktop\checkup.txt
2013-09-01 00:28 - 2013-09-01 00:28 - 00891115 _____ C:\Users\Philipp\Desktop\SecurityCheck.exe
2013-08-31 17:17 - 2013-08-31 17:17 - 02347384 _____ (ESET) C:\Users\Philipp\Desktop\esetsmartinstaller_enu.exe
2013-08-30 22:38 - 2013-08-30 22:38 - 00001229 _____ C:\Users\Philipp\Desktop\JRT.txt
2013-08-30 22:33 - 2013-08-30 22:33 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-30 22:32 - 2013-08-30 22:32 - 01023533 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe
2013-08-30 22:29 - 2013-08-30 22:29 - 00000917 _____ C:\Users\Philipp\Desktop\AdwCleaner[S0].txt
2013-08-30 22:18 - 2013-08-30 22:25 - 00000000 ____D C:\AdwCleaner
2013-08-30 22:16 - 2013-08-30 22:16 - 00994642 _____ C:\Users\Philipp\Desktop\adwcleaner.exe
2013-08-30 22:00 - 2013-08-30 22:00 - 00001073 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-30 22:00 - 2013-08-30 22:00 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Malwarebytes
2013-08-30 21:59 - 2013-08-30 22:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 21:59 - 2013-08-30 21:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Philipp\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-30 21:59 - 2013-08-30 21:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 21:59 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-08-30 19:36 - 2013-08-30 19:37 - 00053170 _____ C:\Users\Philipp\Desktop\Addition.txt
2013-08-30 19:36 - 2013-08-30 19:36 - 00000000 ____D C:\FRST
2013-08-30 18:49 - 2013-08-30 18:49 - 00098348 _____ C:\Users\Philipp\Desktop\Extras.Txt
2013-08-30 18:48 - 2013-08-30 18:48 - 00088688 _____ C:\Users\Philipp\Desktop\OTL.Txt
2013-08-30 18:36 - 2013-08-30 18:36 - 00602112 _____ (OldTimer Tools) C:\Users\Philipp\Desktop\OTL.exe
2013-08-23 19:16 - 2012-01-12 10:27 - 1943209565 _____ C:\Users\Philipp\Desktop\Der Club der toten Dichter.720p.AC3.mkv
2013-08-21 20:32 - 2013-02-25 22:46 - 321371497 _____ C:\Users\Philipp\Desktop\Argo.720p.AC3.mkv
2013-08-16 16:42 - 2013-08-16 16:42 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Program Files (x86)\PC Remote
2013-08-16 15:44 - 2013-08-16 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Unity
2013-08-16 14:52 - 2013-08-16 14:52 - 00003029 _____ C:\WINDOWS\avmadd32.log
2013-08-16 14:52 - 2013-08-16 14:52 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-08-16 14:52 - 2006-12-14 13:42 - 00069120 ____R (AVM Berlin) C:\WINDOWS\SysWOW64\avmadd32.dll
2013-08-16 13:45 - 2013-08-16 13:45 - 00000000 ____D C:\Users\Philipp\AppData\Local\Macromedia
2013-08-16 13:44 - 2013-08-31 23:58 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-16 13:44 - 2013-08-16 13:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-08-16 13:41 - 2013-08-16 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-14 19:41 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-08-14 19:41 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-08-14 19:41 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-08-14 19:41 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-08-14 19:41 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-08-14 19:41 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-08-14 19:41 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-08-14 19:41 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-08-14 19:41 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-08-14 19:41 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-08-14 19:41 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-08-14 19:41 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-08-14 19:41 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-08-14 19:41 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-08-14 19:41 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2013-08-14 19:41 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2013-08-14 19:41 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2013-08-14 19:41 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2013-08-14 19:40 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-08-14 19:40 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-08-14 19:40 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-08-14 19:40 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-08-14 19:40 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2013-08-14 19:40 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2013-08-14 19:40 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2013-08-14 19:40 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2013-08-14 19:40 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2013-08-12 00:00 - 2013-08-12 00:00 - 00000162 ____H C:\Users\Philipp\Desktop\~$ Forlage 1.dotx

==================== One Month Modified Files and Folders =======

2013-09-01 00:33 - 2013-09-01 00:33 - 01589860 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2013-09-01 00:31 - 2013-09-01 00:31 - 00001001 _____ C:\Users\Philipp\Desktop\checkup.txt
2013-09-01 00:28 - 2013-09-01 00:28 - 00891115 _____ C:\Users\Philipp\Desktop\SecurityCheck.exe
2013-09-01 00:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-08-31 23:58 - 2013-08-16 13:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-31 23:45 - 2013-07-21 16:01 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DDCF986B-867E-432C-82A7-156031F46DEF}
2013-08-31 20:52 - 2013-06-04 14:42 - 00005160 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for PHILIPP-VAIO-Philipp Philipp-VAIO
2013-08-31 18:39 - 2013-05-29 15:07 - 01946496 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-31 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-08-31 17:17 - 2013-08-31 17:17 - 02347384 _____ (ESET) C:\Users\Philipp\Desktop\esetsmartinstaller_enu.exe
2013-08-31 17:15 - 2013-06-04 14:57 - 00000000 ___RD C:\Users\Philipp\SkyDrive
2013-08-31 17:15 - 2013-05-29 17:35 - 00000000 ____D C:\Users\Philipp\AppData\Local\TSVNCache
2013-08-30 22:48 - 2013-05-29 15:19 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2064051930-2490225573-4070465005-1001
2013-08-30 22:38 - 2013-08-30 22:38 - 00001229 _____ C:\Users\Philipp\Desktop\JRT.txt
2013-08-30 22:33 - 2013-08-30 22:33 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-30 22:32 - 2013-08-30 22:32 - 01023533 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe
2013-08-30 22:29 - 2013-08-30 22:29 - 00000917 _____ C:\Users\Philipp\Desktop\AdwCleaner[S0].txt
2013-08-30 22:27 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-30 22:27 - 2012-07-26 09:21 - 00479402 _____ C:\WINDOWS\setupact.log
2013-08-30 22:26 - 2012-07-26 07:26 - 21495808 ___SH C:\WINDOWS\system32\config\BBI
2013-08-30 22:25 - 2013-08-30 22:18 - 00000000 ____D C:\AdwCleaner
2013-08-30 22:16 - 2013-08-30 22:16 - 00994642 _____ C:\Users\Philipp\Desktop\adwcleaner.exe
2013-08-30 22:00 - 2013-08-30 22:00 - 00001073 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-30 22:00 - 2013-08-30 22:00 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Malwarebytes
2013-08-30 22:00 - 2013-08-30 21:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 21:59 - 2013-08-30 21:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Philipp\Desktop\mbam-setup-1.75.0.1300.exe
2013-08-30 21:59 - 2013-08-30 21:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 19:37 - 2013-08-30 19:36 - 00053170 _____ C:\Users\Philipp\Desktop\Addition.txt
2013-08-30 19:36 - 2013-08-30 19:36 - 00000000 ____D C:\FRST
2013-08-30 18:49 - 2013-08-30 18:49 - 00098348 _____ C:\Users\Philipp\Desktop\Extras.Txt
2013-08-30 18:48 - 2013-08-30 18:48 - 00088688 _____ C:\Users\Philipp\Desktop\OTL.Txt
2013-08-30 18:46 - 2013-06-28 14:54 - 00000000 ____D C:\Users\DefaultAppPool
2013-08-30 18:46 - 2013-05-29 13:28 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-30 18:46 - 2012-07-26 10:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-30 18:44 - 2013-05-29 18:02 - 00000000 ____D C:\Users\Philipp\AppData\Local\Microsoft Help
2013-08-30 18:38 - 2013-05-29 15:10 - 00000000 ____D C:\Users\Philipp\AppData\Local\Packages
2013-08-30 18:38 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\registration
2013-08-30 18:36 - 2013-08-30 18:36 - 00602112 _____ (OldTimer Tools) C:\Users\Philipp\Desktop\OTL.exe
2013-08-30 18:36 - 2013-05-29 18:01 - 00000000 __RHD C:\MSOCache
2013-08-30 18:30 - 2013-05-29 15:08 - 00000000 __SHD C:\Recovery
2013-08-30 17:49 - 2013-05-29 14:56 - 00000000 ____D C:\Users\Philipp
2013-08-27 10:07 - 2013-05-29 13:28 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2013-08-26 19:39 - 2013-05-29 17:04 - 00000000 ____D C:\Users\Philipp\Desktop\Bachelor Arbeit
2013-08-26 14:32 - 2013-05-29 13:30 - 00000000 ____D C:\Users\Philipp\AppData\Local\CrashDumps
2013-08-26 13:52 - 2013-06-19 12:30 - 00000000 ____D C:\Users\Philipp\Documents\Visual Studio 2012
2013-08-24 11:15 - 2013-06-20 10:55 - 00077312 ___SH C:\Users\Philipp\Desktop\Thumbs.db
2013-08-24 10:50 - 2013-07-16 22:58 - 00007168 ___SH C:\Users\Philipp\Downloads\Thumbs.db
2013-08-22 23:23 - 2013-07-19 11:31 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\vlc
2013-08-21 20:37 - 2012-07-26 12:27 - 00866656 _____ C:\WINDOWS\system32\perfh007.dat
2013-08-21 20:37 - 2012-07-26 12:27 - 00198116 _____ C:\WINDOWS\system32\perfc007.dat
2013-08-21 20:37 - 2012-07-26 09:28 - 02035840 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-16 22:46 - 2013-05-29 17:03 - 00000000 ____D C:\Users\Philipp\Desktop\Adobe Photoshop CS5
2013-08-16 16:42 - 2013-08-16 16:42 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
2013-08-16 16:41 - 2013-08-16 16:41 - 00000000 ____D C:\Program Files (x86)\PC Remote
2013-08-16 15:44 - 2013-08-16 15:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Unity
2013-08-16 15:27 - 2013-08-16 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 15:27 - 2013-05-29 14:50 - 00029862 _____ C:\WINDOWS\PFRO.log
2013-08-16 14:52 - 2013-08-16 14:52 - 00003029 _____ C:\WINDOWS\avmadd32.log
2013-08-16 14:52 - 2013-08-16 14:52 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box
2013-08-16 13:45 - 2013-08-16 13:45 - 00000000 ____D C:\Users\Philipp\AppData\Local\Macromedia
2013-08-16 13:44 - 2013-08-16 13:44 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2013-08-16 13:41 - 2013-08-16 13:41 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-16 12:09 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-08-15 11:05 - 2013-06-04 13:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-08-15 10:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-15 10:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-14 22:18 - 2013-07-26 14:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-14 20:28 - 2013-05-30 19:21 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 19:42 - 2013-06-04 15:20 - 00002037 _____ C:\Users\Philipp\Desktop\SkyDrive - Verknüpfung.lnk
2013-08-14 19:30 - 2013-06-04 13:54 - 00002291 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-08-12 00:00 - 2013-08-12 00:00 - 00000162 ____H C:\Users\Philipp\Desktop\~$ Forlage 1.dotx
2013-08-11 23:59 - 2013-06-04 15:23 - 00000000 ____D C:\Users\Philipp\Documents\Benutzerdefinierte Office-Vorlagen
2013-08-07 13:13 - 2013-05-29 17:04 - 00000000 ____D C:\Users\Philipp\Desktop\Coding
2013-08-06 00:22 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF

Files to move or delete:
====================
C:\Users\Philipp\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Philipp\AppData\Local\Temp\ose00000.exe
C:\Users\Philipp\AppData\Local\Temp\Quarantine.exe
C:\Users\Philipp\AppData\Local\Temp\UnityWebPlayer2204880514251934890.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\ShutdownBlocker.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\VCLoader.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\VECt.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\ATL90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64ForWin8\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\ATL90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\oscdimg.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOInstallAppsDrivers.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOUtility.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup64\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32ForWin8\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\DatabaseSetup.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\InstallationToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\InstallDBREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\LoggingREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\ManagedREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\oscdimg.exe
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\OsServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\PluginFactoryREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\RecoveryPartitionManagerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOCommonREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOInstallAppsDrivers.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOInstallAppsDriversREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOUtility.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\VAIOUtilityREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\XMLToolsREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\DiskServicesREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\MediaBurnerREAD.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfc90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfc90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.MFC\mfcm90u.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcm90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcp90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.CRT\msvcr90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\READ\plugins\Microsoft.VC90.ATL\atl90.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\System.Data.SQLite.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\VAIOCare.Utilities.dll
C:\Users\Philipp\AppData\Local\Temp\{FC82F706-85AC-4C9E-9D7F-2CFD780CD171}\DataBaseSetup32\Lib\VAIOCareToolkit.dll
C:\Users\Philipp\AppData\Local\Temp\{45E7B453-2692-4F51-AB29-4EC4F6E1AA3E}\setup.exe
C:\Users\Philipp\AppData\Local\Temp\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}\adobe_caps.dll
C:\Users\Philipp\AppData\Local\Temp\{433EACD8-4747-4A6A-826A-FFA9F39B0D40}\amtservices.dll
C:\Users\Philipp\AppData\Local\Temp\{0D463652-D1AA-46CB-A8A5-0E2A9D9F02FE}\{28006915-2739-4EBE-B5E8-49B25D32EB33}\InstallHelper.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\BootstrapperCore.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\ManagedUx.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\mbahost.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\mbapreq.dll
C:\Users\Philipp\AppData\Local\Temp\{0bc17680-a2d9-42c0-9c26-0b8ecac2b473}\.ba1\sqmapi.dll
C:\Users\Philipp\AppData\Local\Temp\VLC\vlc-2.0.7-win64.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-ed806cff-22d2-44e0-827d-c5e5db559e83\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-e752c7b5-ede3-4461-b16b-63dc23ac0e5a\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-c7e452ae-cf98-4394-b563-ac483c72ed16\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-aaef3ff2-22f4-4886-a199-8cfada08c71e\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-a0f8a044-5e58-4031-9fd7-1fbb13b5f001\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-9779a80b-be1f-4ae2-8545-6843288a0b86\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-7bdc31b7-d03f-450a-a422-bbd3946ed8e6\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-6a0dd782-c0c7-46f8-bd36-98c98ca29789\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5d3e50e0-459f-4765-abc2-870286fc6c7e\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5b6f7d6f-5c48-4559-a9e5-04d251840841\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-5afa9164-4dd1-40d3-828f-eea6b1476fb4\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-4fdff6d1-fc18-4115-9e99-84a947d17364\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-478f36a9-7c4b-4dba-8b9c-4256925c7d40\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-463aa262-94e4-4b59-bd79-92f54686d2f3\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\uninstaller-WTA-17997bed-50f8-407f-8cce-cb0e2b3a04d5\Uninstaller.exe
C:\Users\Philipp\AppData\Local\Temp\Temp1_NO$GBA.2.6a.zip\NO$GBA_2.6a\NO$GBA.EXE
C:\Users\Philipp\AppData\Local\Temp\temp-android-tool\lib\SDK Manager.exe
C:\Users\Philipp\AppData\Local\Temp\swtlib-64\swt-win32-3550.dll
C:\Users\Philipp\AppData\Local\Temp\swtlib-32\swt-win32-3550.dll
C:\Users\Philipp\AppData\Local\Temp\Setup00000050\OSETUP.DLL
C:\Users\Philipp\AppData\Local\Temp\Setup00000050\OSETUPUI.DLL
C:\Users\Philipp\AppData\Local\Temp\RarSFX0\SecurityCheck\Objlist.exe
C:\Users\Philipp\AppData\Local\Temp\RarSFX0\SecurityCheck\runprocesses.exe
C:\Users\Philipp\AppData\Local\Temp\RarSFX0\SecurityCheck\uninstalllist.exe
C:\Users\Philipp\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\cmdinfo.exe
C:\Users\Philipp\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exe
C:\Users\Philipp\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exe
C:\Users\Philipp\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\swreg.exe
C:\Users\Philipp\AppData\Local\Temp\nsy939E.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsy939E.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsm1B56.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsm1B56.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsh825D.tmp\DropboxNSISTools.dll
C:\Users\Philipp\AppData\Local\Temp\nsh825D.tmp\UAC.dll
C:\Users\Philipp\AppData\Local\Temp\nsdEDC9.tmp\FindProcDLL.dll
C:\Users\Philipp\AppData\Local\Temp\nsdEDC9.tmp\Registry.dll
C:\Users\Philipp\AppData\Local\Temp\nsdC557.tmp\DropboxNSISTools.dll
C:\Users\Philipp\AppData\Local\Temp\nsdC557.tmp\UAC.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\mono-1-vc.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\webplayer_win.dll
C:\Users\Philipp\AppData\Local\Temp\Low\UnityWebPlayer\temp\a1561c378e1da74381f70720ead7848f\wrap_oal.dll
C:\Users\Philipp\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 11:01

==================== End Of Log ============================
         
--- --- ---

[/CODE]

01.09.2013, 10:40   #8
schrauber
/// the machine
/// TB trainer
 




Those are just temp files; we'll clear them out now.

Update Java and Adobe.

Please download TFC (by OldTimer) and save the file to your desktop.
Now close all open programs and disconnect from the internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.


Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and run it)
    • Windows key + R > type Combofix /Uninstall > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Put a check mark in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left now, you can delete them without hesitation.


Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on using it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links:
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it prompts you to and is nicely colorful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

01.09.2013, 11:26   #9
philiomanie
 



So, first of all a huge thank-you for your time, and on the weekend at that; I will recommend you to others.

I will follow your tips; Secunia is installed.

I do have two more questions to wrap up:

1) What about antivirus software? So far I have only been using Windows Defender. Before that I used AVG and deactivated Defender, but Windows then frequently displayed messages saying that neither of the two was activated.

2) MalwareBytes is a trial version; how do I deal with it going forward? Should I start it with Windows, or should I reinstall it every week and then remove it?

Do you have a solution for that? Can I keep using Defender with a clear conscience, from now on with the support of your tips, of course?

Best regards

Edited by philiomanie (01.09.2013 at 11:35)

01.09.2013, 13:38   #10
schrauber
/// the machine
/// TB trainer
 




Quote:
1) What about antivirus software? So far I have only been using Windows Defender. Before that I used AVG and deactivated Defender, but Windows then frequently displayed messages saying that neither of the two was activated.
Avast or Emsisoft.
Quote:
2) MalwareBytes is a trial version; how do I deal with it going forward? Should I start it with Windows, or should I reinstall it every week and then remove it?
Take it out of autostart once the trial period is over and keep it, for scanning now and then.
__________________
Regards,
schrauber

