kein internetzugriff möglich, habe zwei infizierte regiestrierungsschlüssel

klausi58 · 14.11.2012, 18:45

Hallo,

ich brauche dringend Hilfe da trotz Internetverbindung mein Laptop keinen Zugang erhält. Ich konnte bereits mit Hilfe von Malwarebytes bis auf wahrscheinlich zwei Fehler alles bereinigen. Fehler ist passiert da ich nicht auf die automatischen Updates für meinen Bitdefender geachtet habe. Brauche den anderen Laptop sehr dringend für meine Arbeit. Hänge sonst nur an meinem reserve Möhrchen.
Habe auch schon die benötigten scans mit angehängt. Wäre toll wenn es so schnell wie beim letzten Mal klappen würde.
Vielen Dank im voraus.

Klausi58

ryder · 14.11.2012, 19:03

Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich.

Zitat:

Lesestoff:
Regeln für die Bereinigung
Damit die Bereinigung funktioniert bitte ich dich, die folgenden Punkte aufmerksam zu lesen:
Bitte arbeite alle Schritte der Reihe nach ab. Gib mir bitte zu jedem Schritt Rückmeldung (Logfile oder Antwort).

Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst.

Bitte kein Crossposting (posten in mehreren Foren).

Installiere oder Deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.

Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.

Poste die Logfiles direkt in deinen Thread (möglichst in Code-Tags). Nicht anhängen ausser ich fordere Dich dazu auf oder das Logfile ist zu gross. Erschwert mir nämlich das auswerten.

Mache deinen Namen nur dann unkenntlich, wenn es unbedingt sein muss.

Sollte ich nicht nach 3 Tagen geantwortet haben, dann (und nur dann) schicke mir bitte eine PM.

Eine Bitte: Mache bitte solange mit, bis ich oder ein anderer Helfer dir mitteilt, dass du "sauber" bist. Das gebietet alleine schon die Höflichkeit und ein Verschwinden der Symptome bedeutet nicht, dass die Schädlinge auch wirklich alle entfernt wurden.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg.

Wenn du das alles gelesen und verstanden hast, kannst du loslegen!

Logfiles nicht ZIPPEN!

Bitte MBAM-log posten.

ryder · 14.11.2012, 19:05

Zitat:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Markiere das gesamte Logfile und kopiere es in die Zwischenablage mit STRG+C.

Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].

Setze den Curser zwischen die CODE-Tags und drücke STRG+V.

Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

-----------------------

klausi58 · 14.11.2012, 19:27

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.09.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Weisgerber :: WEISGERBER-VAIO [Administrator]

14.11.2012 15:17:13
mbam-log-2012-11-14 (15-31-40).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 201013
Laufzeit: 3 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

ryder · 14.11.2012, 19:28

Das ist erstmal nur Webung. Wir schauen ob wir die wegbekommen.

Schritt 1:
AdwCleaner: Werbeprogramme suchen und löschen

Downloade Dir bitte AdwCleaner auf deinen Desktop.
Starte die adwcleaner.exe mit einem Doppelklick.

Klicke auf Löschen.

Bestätige jeweils mit Ok.

Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.

Poste mir den Inhalt mit deiner nächsten Antwort.

Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

Schritt 2:
Customscan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Starte bitte die OTL.exe.

Stelle folgendes ein:
Haken bei "Alle Benutzer scannen" und "Inklusive 64bit Scans"

Ausgabe: Minimal

Benutze SafeList in jedem Feld.

Haken bei "Benutze Hersteller-Whitelist"

Dateien erstellt und verändert innerhalb Datei-Alter

Haken bei LOP Prüfung und Purity Prüfung

Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
drivers32
safebootminimal
safebootnetwork
%SYSTEMDRIVE%\*.
%SYSTEMDRIVE%\*.*
%PROGRAMFILES%\*.exe
%PROGRAMFILES(X86)%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /10
%appdata%\*. 
%appdata%\*.* 
%appdata%\*.exe /s
%localappdata%\*. 
%localappdata%\*.*
%localappdata%\*.exe /s
%allusersprofile%\*. 
%allusersprofile%\*.*
%allusersprofile%\*.exe /s
CREATERESTOREPOINT
         
Schliesse bitte nun alle Programme. (Wichtig)

Klicke nun bitte auf den Scan Button.

Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread (möglichst in CODE-Tags)

klausi58 · 14.11.2012, 20:02

Hallo,

ich habe da was überhaupt nicht kapiert. Wen soll ich wo rein kopieren?

Und wenn ja, wie?

Bitte verständlich, bin kein Fachmann. Danke.

ryder · 14.11.2012, 20:27

Du kopierst das aus der orangenen Box in OTL.

klausi58 · 15.11.2012, 19:37

Hi ryder,

ich möchte ja nicht drängeln, wollte nur wissen ob heute noch was geht? Ich habe ja jede Menge geschickt. Kann wahrscheinlich etwas dauern.
Ich weiß nur nicht ob ich noch auf der Lauer liegen soll oder nicht. Sonst mach ich zu!
Du weißt ja Moppedfahren wie wir beide haben es immer eilig.

Klausi58

ryder · 15.11.2012, 22:13

Dann führte die beiden Schritte aus. Dann gehts auch weiter.

klausi58 · 16.11.2012, 14:14

Code:

ATTFilter


# AdwCleaner v2.007 - Datei am 14/11/2012 um 19:32:31 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Weisgerber - WEISGERBER-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Weisgerber\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Browser Manager

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Weisgerber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
Datei Gelöscht : C:\Users\Weisgerber\AppData\Roaming\Mozilla\Firefox\Profiles\40hac1kq.default\searchplugins\Plusnetwork.xml
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\Program Files (x86)\appbario8
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Savings Sidekick
Ordner Gelöscht : C:\Program Files (x86)\Yontoo
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Weisgerber\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Weisgerber\AppData\Local\Savings Sidekick
Ordner Gelöscht : C:\Users\Weisgerber\AppData\LocalLow\appbario8
Ordner Gelöscht : C:\Users\Weisgerber\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Weisgerber\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Weisgerber\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Weisgerber\AppData\Roaming\Mozilla\Firefox\Profiles\40hac1kq.default\extensions\bbrs_002@blabbers.com
Ordner Gelöscht : C:\Users\Weisgerber\AppData\Roaming\Mozilla\Firefox\Profiles\40hac1kq.default\extensions\plugin@yontoo.com

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\appbario8
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\bProtector
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0CC09160-108C-4759-BAB1-5C12C216E005}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17FBAC21-3A8E-43BD-AB17-F02E52037EDB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gelöscht : HKLM\Software\appbario8
Schlüssel Gelöscht : HKLM\Software\bProtector
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3227982
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17FBAC21-3A8E-43BD-AB17-F02E52037EDB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{17FBAC21-3A8E-43BD-AB17-F02E52037EDB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C32D855-113D-4167-9AEC-0806B69992AD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C12B4A62-E7CF-4A83-B45F-4987F42795EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\appbario8 Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0CC09160-108C-4759-BAB1-5C12C216E005}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{0CC09160-108C-4759-BAB1-5C12C216E005}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0.1 (de)

Profilname : default 
Datei : C:\Users\Weisgerber\AppData\Roaming\Mozilla\Firefox\Profiles\40hac1kq.default\prefs.js

C:\Users\Weisgerber\AppData\Roaming\Mozilla\Firefox\Profiles\40hac1kq.default\user.js ... Gelöscht !

Gelöscht : user_pref("avg.install.userHPSettings", "hxxp://search.conduit.com/?ctid=CT3227980&SearchSource=13")[...]
Gelöscht : user_pref("avg.install.userSPSettings", "appbario8 Customized Web Search");
Gelöscht : user_pref("browser.search.defaultenginename", "appbario8 Customized Web Search");
Gelöscht : user_pref("browser.search.order.1", "appbario8 Customized Web Search");
Gelöscht : user_pref("browser.search.selectedEngine", "appbario8 Customized Web Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3227980&SearchSource=13");
Gelöscht : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1347970275);
Gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Gelöscht : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1347970275");
Gelöscht : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Gelöscht : user_pref("extensions.crossriderapp5060.bic", "139d94a18a548fe8c654a9e4c41a8e52");
Gelöscht : user_pref("extensions.crossriderapp5060.firstrun", false);
Gelöscht : user_pref("extensions.crossriderapp5060.installationdate", 1347970276);
Gelöscht : user_pref("extensions.crossriderapp5060.lastcheck", 22548210);
Gelöscht : user_pref("extensions.crossriderapp5060.lastcheckitem", 22548210);
Gelöscht : user_pref("extensions.enabledAddons", "crossriderapp5060@crossrider.com:0.83.15,bbrs_002@blabbers.co[...]
Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227980&SearchSource=2&q=[...]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Weisgerber\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [10979 octets] - [14/11/2012 19:32:31]

########## EOF - C:\AdwCleaner[S1].txt - [11040 octets] ##########

Code:

ATTFilter

OTL Logfile:

	Code: 

 ATTFilter

  
	OTL logfile created on: 15.11.2012 12:50:32 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Weisgerber\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 72,00% Memory free
7,94 Gb Paging File | 5,53 Gb Available in Paging File | 69,65% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,71 Gb Total Space | 394,38 Gb Free Space | 87,89% Space Free | Partition Type: NTFS
 
Computer Name: WEISGERBER-VAIO | User Name: Weisgerber | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 7 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Weisgerber\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe ()
PRC - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe (Ashampoo Development GmbH & Co. KG)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
PRC - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Windows\SysWOW64\brss01a.exe (brother Industries Ltd)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.)
PRC - C:\Windows\SysWOW64\brsvc01a.exe (brother Industries Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (vsserv) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NitroReaderDriverReadSpool2) -- C:\Programme\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (WO_LiveService) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe ()
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (DCDhcpService) -- C:\Programme\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe (Atheros Communication Inc.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\brsvc01a.exe (brother Industries Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (gzflt) -- C:\Windows\SysNative\drivers\gzflt.sys (BitDefender LLC)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_VDP) -- C:\Windows\SysNative\drivers\btath_vdp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (BdfNdisf) -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV - (LiveTunerPM) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\..\SearchScopes,bProtectorDefaultScope = {E779FAB9-E5E6-460A-B5FC-99184F5C1BC8}
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\..\SearchScopes,DefaultScope = {E779FAB9-E5E6-460A-B5FC-99184F5C1BC8}
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_deDE495
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\..\SearchScopes\{E779FAB9-E5E6-460A-B5FC-99184F5C1BC8}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227980
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\..\SearchScopes\{F7404544-2563-411F-B0E1-6575E1045651}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q212&_nkw={searchTerms}
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;localhost
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2012.06.29 17:28:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.18 14:15:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.20 15:56:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2012.06.29 17:28:11 | 000,000,000 | ---D | M]
 
[2012.08.02 09:06:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Weisgerber\AppData\Roaming\mozilla\Extensions
[2012.11.14 19:32:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Weisgerber\AppData\Roaming\mozilla\Firefox\Profiles\40hac1kq.default\extensions
[2012.08.22 11:44:31 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\Weisgerber\AppData\Roaming\mozilla\Firefox\Profiles\40hac1kq.default\extensions\crossriderapp5060@crossrider.com
[2012.08.02 09:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- C:\USERS\WEISGERBER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\40HAC1KQ.DEFAULT\EXTENSIONS\BBRS_002@BLABBERS.COM
[2012.09.18 14:15:36 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.18 14:15:35 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Weisgerber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0cc09160-108c-4759-bab1-5c12c216e005} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Ashampoo WinOptimizer Live-Tuner] C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe (Ashampoo Development GmbH & Co. KG)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1450787644-2747546161-14592126-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A1F0E89-E077-437E-B185-E6122C51F4D8}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2BCE5F4-02A3-489E-9F40-46E10E96ED9E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{BB2326E0-1AAE-432B-89E1-7BFC8550CD09} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
 
 
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BFE - Service
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MPSSvc - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 7 Days ==========
 
[2012.11.15 12:25:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Weisgerber\Desktop\OTL.exe
[2012.11.15 11:38:50 | 000,000,000 | ---D | C] -- C:\Users\Weisgerber\Desktop\allgem
[2012.11.15 09:12:46 | 000,000,000 | ---D | C] -- C:\Users\Weisgerber\Desktop\Scheiße
[2012.11.15 09:10:20 | 000,000,000 | R--D | C] -- C:\Users\Weisgerber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012.11.14 17:58:38 | 000,000,000 | ---D | C] -- C:\Users\Weisgerber\AppData\Local\bdch
[2012.11.14 12:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch
[2012.11.14 12:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.14 12:06:26 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.14 12:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.09 09:34:51 | 000,000,000 | ---D | C] -- C:\Users\Weisgerber\Documents\priv div
[2012.11.08 13:10:41 | 000,000,000 | ---D | C] -- C:\Users\Weisgerber\Desktop\die Fachverwalter Kündigung
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 7 Days ==========
 
[2012.11.15 12:54:25 | 004,194,304 | -HS- | M] () -- C:\Users\Weisgerber\NTUSER.DAT
[2012.11.15 12:43:42 | 000,000,497 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml
[2012.11.15 12:26:14 | 001,613,862 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.15 12:26:14 | 000,697,322 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.15 12:26:14 | 000,652,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.15 12:26:14 | 000,148,328 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.15 12:26:14 | 000,121,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.15 12:25:22 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.15 11:15:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.15 09:17:46 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 09:17:46 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 09:17:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.15 09:10:06 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.15 09:10:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.11.15 09:09:34 | 3197,915,136 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.14 20:20:18 | 003,559,097 | -H-- | M] () -- C:\Users\Weisgerber\AppData\Local\IconCache.db
[2012.11.14 17:52:53 | 000,000,000 | ---- | M] () -- C:\Users\Weisgerber\defogger_reenable
[2012.11.14 16:47:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Weisgerber\Desktop\OTL.exe
[2012.11.14 12:06:29 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.12 11:44:05 | 000,144,585 | ---- | M] () -- C:\Users\Weisgerber\Desktop\d.3 view - 2012-10-05-.pdf
[2012.11.09 16:02:10 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\One-Click Optimizer.job
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.14 17:52:53 | 000,000,000 | ---- | C] () -- C:\Users\Weisgerber\defogger_reenable
[2012.11.14 12:06:29 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.12 11:44:03 | 000,144,585 | ---- | C] () -- C:\Users\Weisgerber\Desktop\d.3 view - 2012-10-05-.pdf
[2012.08.20 16:22:21 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.08.20 16:22:21 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.08.13 17:28:34 | 003,559,097 | -H-- | C] () -- C:\Users\Weisgerber\AppData\Local\IconCache.db
[2012.08.13 15:00:36 | 000,001,700 | ---- | C] () -- C:\ProgramData\1344866180.5168.bin
[2012.08.13 14:56:39 | 000,154,016 | ---- | C] () -- C:\ProgramData\1344866180.5288.bin
[2012.08.13 14:56:39 | 000,013,098 | ---- | C] () -- C:\ProgramData\1344866180.2084.bin
[2012.08.13 14:56:39 | 000,007,534 | ---- | C] () -- C:\ProgramData\1344866180.5284.bin
[2012.08.13 14:56:39 | 000,007,401 | ---- | C] () -- C:\ProgramData\1344866180.5624.bin
[2012.08.13 14:56:39 | 000,002,276 | ---- | C] () -- C:\ProgramData\1344866180.5136.bin
[2012.08.13 14:56:39 | 000,001,090 | ---- | C] () -- C:\ProgramData\1344866180.5252.bin
[2012.08.13 14:56:39 | 000,001,090 | ---- | C] () -- C:\ProgramData\1344866180.5224.bin
[2012.08.13 14:56:28 | 000,099,421 | ---- | C] () -- C:\ProgramData\1344866180.5212.bin
[2012.08.13 14:56:21 | 000,033,345 | ---- | C] () -- C:\ProgramData\1344866180.4548.bin
[2012.08.13 14:56:20 | 000,100,246 | ---- | C] () -- C:\ProgramData\1344866180.4600.bin
[2012.08.13 14:08:31 | 000,218,174 | ---- | C] () -- C:\ProgramData\1344863279.bdinstall.bin
[2012.08.13 12:29:55 | 000,000,051 | ---- | C] () -- C:\ProgramData\vngzmtacgemngva
[2012.08.08 15:43:27 | 004,503,728 | ---- | C] () -- C:\ProgramData\ldsw_0paos.pad
[2012.08.07 16:19:36 | 003,661,072 | ---- | C] () -- C:\Windows\SysWow64\mso97rt.dll
[2012.08.07 16:19:36 | 000,195,072 | ---- | C] () -- C:\Windows\SysWow64\msodeGER.dll
[2012.08.07 16:19:35 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\HLINKPRX.DLL
[2012.08.06 14:22:47 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.08.03 12:55:05 | 000,000,849 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.08.03 12:55:05 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.08.03 12:54:26 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2012.08.03 12:54:25 | 000,000,515 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.08.03 12:54:25 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.08.03 12:52:58 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012.08.02 13:38:21 | 000,081,920 | R--- | C] () -- C:\Windows\bwUnin-6.1.4.36-8876480L.exe
[2012.07.27 11:59:37 | 000,076,856 | ---- | C] () -- C:\Users\Weisgerber\AppData\Local\GDIPFONTCACHEV1.DAT
[2012.07.27 11:59:24 | 004,194,304 | -HS- | C] () -- C:\Users\Weisgerber\NTUSER.DAT
[2012.07.27 11:59:24 | 000,524,288 | -HS- | C] () -- C:\Users\Weisgerber\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.07.27 11:59:24 | 000,524,288 | -HS- | C] () -- C:\Users\Weisgerber\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.07.27 11:59:24 | 000,065,536 | -HS- | C] () -- C:\Users\Weisgerber\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.07.27 11:59:24 | 000,000,020 | -HS- | C] () -- C:\Users\Weisgerber\ntuser.ini
[2012.06.16 14:00:35 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.06.16 12:18:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.16 08:11:19 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.16 08:11:19 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.04.16 08:11:19 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.02.02 20:29:52 | 000,066,688 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.02.02 20:29:48 | 000,061,568 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.02.11 00:03:27 | 001,591,202 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012.11.14 09:19:32 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012.11.14 09:18:18 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-1450787644-2747546161-14592126-1000\$b1202731a8b433cedd78d0cd28516174\n.
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.08.13 15:00:39 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Bitdefender
[2012.08.03 10:48:27 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Downloaded Installations
[2012.10.15 08:13:09 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\iolo
[2012.11.15 11:29:28 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Nitro PDF
[2012.08.28 16:00:30 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\OpenOffice.org
[2012.08.07 13:04:05 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\PC-FAX TX
[2012.08.13 14:58:44 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\QuickScan
[2012.08.03 11:26:04 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\ScanSoft
[2012.11.07 17:44:44 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\SoftGrid Client
[2012.07.29 16:16:12 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\TP
[2012.09.03 15:04:06 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.07.27 12:01:19 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.06.16 12:39:50 | 000,000,000 | ---D | M] -- C:\Documentation
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.27 11:59:18 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.06.16 12:01:32 | 000,000,000 | ---D | M] -- C:\Intel
[2012.08.24 14:34:01 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.11.13 16:44:51 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.14 19:32:33 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.11.14 19:34:21 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.27 11:59:18 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.11.15 12:23:39 | 000,000,000 | ---D | M] -- C:\RKES
[2012.11.15 12:52:06 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.08.06 14:17:35 | 000,000,000 | ---D | M] -- C:\temp
[2012.08.27 07:43:34 | 000,000,000 | ---D | M] -- C:\Update
[2012.07.27 11:59:23 | 000,000,000 | R--D | M] -- C:\Users
[2012.06.16 13:15:34 | 000,000,000 | ---D | M] -- C:\VAIO Sample Contents
[2012.11.14 19:34:37 | 000,000,000 | ---D | M] -- C:\Windows
 
< %SYSTEMDRIVE%\*.* >
[2012.11.14 20:20:28 | 000,088,244 | ---- | M] () -- C:\bdlog.txt
[2012.05.24 12:39:17 | 002,294,848 | -H-- | M] () -- C:\bdr-bz01
[2012.08.13 15:18:07 | 000,000,403 | -H-- | M] () -- C:\bdr-cf01
[2012.06.28 15:09:02 | 035,176,809 | -H-- | M] () -- C:\bdr-im01.gz
[2012.08.13 15:18:07 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2012.08.13 15:18:07 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2012.08.22 11:45:08 | 000,000,009 | ---- | M] () -- C:\END
[2008.04.11 09:07:18 | 000,003,820 | ---- | M] () -- C:\eula.1028.txt
[2008.04.11 09:07:18 | 000,015,428 | ---- | M] () -- C:\eula.1031.txt
[2008.04.11 09:07:18 | 000,010,058 | ---- | M] () -- C:\eula.1033.txt
[2008.04.11 09:07:18 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt
[2008.04.11 09:07:18 | 000,013,912 | ---- | M] () -- C:\eula.1040.txt
[2008.04.11 09:07:18 | 000,005,868 | ---- | M] () -- C:\eula.1041.txt
[2008.04.11 09:07:18 | 000,005,970 | ---- | M] () -- C:\eula.1042.txt
[2008.04.11 09:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
[2008.04.11 09:07:18 | 000,003,814 | ---- | M] () -- C:\eula.2052.txt
[2008.04.11 09:07:18 | 000,012,936 | ---- | M] () -- C:\eula.3082.txt
[2008.04.11 09:07:18 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012.11.15 09:09:34 | 3197,915,136 | -HS- | M] () -- C:\hiberfil.sys
[2008.04.11 07:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2008.04.11 09:07:18 | 000,000,843 | ---- | M] () -- C:\install.ini
[2008.04.11 07:03:48 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2008.04.11 07:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2008.04.11 07:03:48 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2008.04.11 07:03:48 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2008.04.11 07:03:48 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2008.04.11 07:03:48 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2008.04.11 07:03:48 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2008.04.11 09:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
[2008.04.11 07:03:48 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2008.04.11 07:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2012.11.15 09:09:35 | 4263,886,848 | -HS- | M] () -- C:\pagefile.sys
[2012.06.16 12:04:23 | 000,002,197 | ---- | M] () -- C:\RHDSetup.log
[2008.04.11 09:07:18 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2008.04.11 09:09:38 | 003,797,292 | ---- | M] () -- C:\VC_RED.cab
[2008.04.11 09:11:40 | 000,233,472 | ---- | M] () -- C:\VC_RED.MSI
[2012.06.16 12:16:47 | 000,000,224 | ---- | M] () -- C:\WLAN_Setup.log
 
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: PROGRAMFILES (X86)
 
< %systemroot%\*.  /mp /s >
 
< %windir%\installer\*. /10 >
[2012.11.13 16:44:47 | 000,000,000 | ---D | M] -- C:\Windows\installer\{00010407-78E1-11D2-B60F-006097C998E7}
[2012.11.13 16:44:47 | 000,000,000 | ---D | M] -- C:\Windows\installer\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}
[2012.11.13 16:44:47 | 000,000,000 | ---D | M] -- C:\Windows\installer\{95140000-0070-0000-0000-0000000FF1CE}
[2012.11.13 16:44:47 | 000,000,000 | ---D | M] -- C:\Windows\installer\{AC76BA86-7AD7-1031-7B44-AA1000000001}
[2012.11.13 16:44:47 | 000,000,000 | ---D | M] -- C:\Windows\installer\{B9DEEC37-2A7C-46BB-80C5-91F2598295F6}
 
< %appdata%\*. >
[2012.08.02 10:02:47 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Adobe
[2012.07.27 12:01:53 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Atheros
[2012.07.27 12:02:01 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\ATI
[2012.08.13 15:00:39 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Bitdefender
[2012.08.03 17:46:35 | 000,000,000 | R--D | M] -- C:\Users\Weisgerber\AppData\Roaming\Brother
[2012.08.03 10:48:27 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Downloaded Installations
[2012.08.03 11:11:09 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Google
[2012.07.27 12:01:24 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Identities
[2012.08.20 16:21:08 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\InstallShield
[2012.07.27 12:02:08 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Intel Corporation
[2012.10.15 08:13:09 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\iolo
[2012.06.16 12:46:47 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Macromedia
[2012.08.13 14:38:23 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Malwarebytes
[2012.02.24 05:01:37 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Media Center Programs
[2012.08.20 12:17:08 | 000,000,000 | --SD | M] -- C:\Users\Weisgerber\AppData\Roaming\Microsoft
[2012.08.06 14:18:02 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Microsoft Web Folders
[2012.08.02 09:06:19 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Mozilla
[2012.11.15 11:29:28 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Nitro PDF
[2012.08.28 16:00:30 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\OpenOffice.org
[2012.08.07 13:04:05 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\PC-FAX TX
[2012.08.13 14:58:44 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\QuickScan
[2012.08.03 11:26:04 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\ScanSoft
[2012.11.07 17:44:44 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\SoftGrid Client
[2012.07.29 16:26:23 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Sony Corporation
[2012.07.29 16:16:12 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\TP
[2012.09.03 15:04:06 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Roaming\Windows Live Writer
 
< %appdata%\*.* >
 
< %appdata%\*.exe /s >
 
< %localappdata%\*. >
[2012.08.02 10:02:47 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Adobe
[2012.07.27 11:59:24 | 000,000,000 | -HSD | M] -- C:\Users\Weisgerber\AppData\Local\Anwendungsdaten
[2012.08.17 13:09:02 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Apps
[2012.07.27 12:02:01 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\ATI
[2012.11.14 17:58:39 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\bdch
[2012.07.27 12:02:03 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\BMExplorer
[2012.11.07 17:01:25 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\CrashDumps
[2012.09.10 17:00:18 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Diagnostics
[2012.11.13 18:32:36 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\ElevatedDiagnostics
[2012.09.27 13:16:42 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Evernote
[2012.10.15 08:11:30 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Google
[2012.08.08 22:13:35 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Macromedia
[2012.08.21 16:48:19 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Messenger_Plus_Live
[2012.09.03 15:03:59 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Microsoft
[2012.08.02 09:06:05 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Mozilla
[2012.08.09 17:08:45 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\PDF24
[2012.07.29 16:16:04 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\SoftGrid Client
[2012.07.27 12:04:27 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Sony Corporation
[2012.11.15 12:24:47 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Temp
[2012.07.27 11:59:24 | 000,000,000 | -HSD | M] -- C:\Users\Weisgerber\AppData\Local\Temporary Internet Files
[2012.07.27 11:59:24 | 000,000,000 | -HSD | M] -- C:\Users\Weisgerber\AppData\Local\Verlauf
[2012.07.31 14:06:16 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\VirtualStore
[2012.09.03 15:03:40 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Windows Live
[2012.09.03 15:04:06 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\Windows Live Writer
[2012.08.20 13:54:14 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\{2CB16C96-BA09-4745-916D-DE69FE64E544}
[2012.09.03 15:04:19 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\{45A45115-2988-4A66-B969-D4B5974BF521}
[2012.08.03 17:05:15 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\{579284F6-3618-49C9-AA6F-3FA72BD6EA61}
[2012.08.03 17:07:31 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\{A065D7DA-D6A8-429D-887F-58774117C95D}
[2012.08.03 17:05:56 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\{DBEDFF52-520C-49CD-B179-A4261A9E6FBF}
[2012.08.20 13:54:21 | 000,000,000 | ---D | M] -- C:\Users\Weisgerber\AppData\Local\{F70323D7-144C-4EF6-95ED-0F2EC1C55682}
 
< %localappdata%\*.* >
[2012.08.07 08:04:06 | 000,076,856 | ---- | M] () -- C:\Users\Weisgerber\AppData\Local\GDIPFONTCACHEV1.DAT
[2012.11.14 20:20:18 | 003,559,097 | -H-- | M] () -- C:\Users\Weisgerber\AppData\Local\IconCache.db
 
< %localappdata%\*.exe /s >
[2012.08.03 17:05:50 | 001,287,528 | ---- | M] (Microsoft Corporation) -- C:\Users\Weisgerber\AppData\Local\Microsoft\Windows Live\Installer\Catalog\wlsetup.exe
[2012.04.14 10:43:23 | 001,207,296 | ---- | M] (Google) -- C:\Users\Weisgerber\AppData\Local\Temp\._msige61\GoogleEarth.exe
[2012.04.05 02:01:28 | 000,050,688 | ---- | M] () -- C:\Users\Weisgerber\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe
[2012.04.14 10:22:15 | 000,071,680 | ---- | M] (Google) -- C:\Users\Weisgerber\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe
[2012.03.12 10:43:03 | 000,293,888 | ---- | M] () -- C:\Users\Weisgerber\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe
[2012.04.14 10:22:15 | 000,071,680 | ---- | M] (Google) -- C:\Users\Weisgerber\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe
[2002.06.21 13:25:16 | 004,385,999 | R--- | M] (BackWeb) -- C:\Users\Weisgerber\AppData\Local\Temp\ins1.tmp\LDMClient.exe
 
< %allusersprofile%\*. >
[2012.09.10 09:13:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2012.07.27 11:59:18 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012.06.16 12:51:12 | 000,000,000 | ---D | M] -- C:\ProgramData\ArcSoft
[2012.11.13 16:49:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Atheros
[2012.06.16 14:06:58 | 000,000,000 | ---D | M] -- C:\ProgramData\ATI
[2012.11.14 12:26:51 | 000,000,000 | ---D | M] -- C:\ProgramData\bdch
[2012.08.13 15:16:34 | 000,000,000 | ---D | M] -- C:\ProgramData\BDLogging
[2012.08.13 15:19:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Bitdefender
[2012.08.02 12:54:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Brother
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2012.07.27 11:59:18 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2012.06.16 14:04:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Evernote
[2012.07.27 11:59:18 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012.08.03 10:03:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Google
[2012.08.20 16:26:07 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallShield
[2012.06.16 12:11:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Intel
[2012.10.15 08:13:09 | 000,000,000 | ---D | M] -- C:\ProgramData\iolo
[2012.08.13 14:38:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2012.08.14 07:01:17 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2012.08.14 08:03:13 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2012.08.02 09:06:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2012.08.03 10:49:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Nitro PDF
[2012.06.16 12:42:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Qualcomm Atheros
[2012.09.19 18:22:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2012.07.29 19:49:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Sony Corporation
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012.07.27 11:59:18 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2012.06.16 12:23:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2012.06.16 12:54:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012.08.02 08:46:51 | 000,000,000 | ---D | M] -- C:\ProgramData\VirtualizedApplications
[2012.07.27 11:59:18 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012.08.13 12:30:14 | 000,000,000 | ---D | M] -- C:\ProgramData\wduedkihynlargq
[2012.06.16 13:43:47 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2012.09.24 08:47:44 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip
 
< %allusersprofile%\*.* >
[2012.08.13 14:08:31 | 000,218,174 | ---- | M] () -- C:\ProgramData\1344863279.bdinstall.bin
[2012.08.13 14:56:42 | 000,013,098 | ---- | M] () -- C:\ProgramData\1344866180.2084.bin
[2012.08.13 15:20:00 | 000,033,345 | ---- | M] () -- C:\ProgramData\1344866180.4548.bin
[2012.08.13 15:20:00 | 000,100,246 | ---- | M] () -- C:\ProgramData\1344866180.4600.bin
[2012.08.13 14:56:42 | 000,002,276 | ---- | M] () -- C:\ProgramData\1344866180.5136.bin
[2012.08.13 15:00:36 | 000,001,700 | ---- | M] () -- C:\ProgramData\1344866180.5168.bin
[2012.08.13 15:19:59 | 000,099,421 | ---- | M] () -- C:\ProgramData\1344866180.5212.bin
[2012.08.13 14:57:24 | 000,001,090 | ---- | M] () -- C:\ProgramData\1344866180.5224.bin
[2012.08.13 14:58:04 | 000,001,090 | ---- | M] () -- C:\ProgramData\1344866180.5252.bin
[2012.08.13 14:56:42 | 000,007,534 | ---- | M] () -- C:\ProgramData\1344866180.5284.bin
[2012.08.13 15:19:59 | 000,154,016 | ---- | M] () -- C:\ProgramData\1344866180.5288.bin
[2012.08.13 15:00:36 | 000,007,401 | ---- | M] () -- C:\ProgramData\1344866180.5624.bin
[2012.08.08 15:43:27 | 004,503,728 | ---- | M] () -- C:\ProgramData\ldsw_0paos.pad
[2012.08.13 12:30:15 | 000,000,051 | ---- | M] () -- C:\ProgramData\vngzmtacgemngva
 
< %allusersprofile%\*.exe /s >
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\20767\AcrobatUpdater.exe
[2012.01.03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\20767\AdobeARM.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\20767\AdobeARMHelper.exe
[2012.01.03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\ARM\Reader_10.0.0\20767\ReaderUpdater.exe
[2012.04.04 12:17:36 | 000,342,984 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AA1000000001}\setup.exe
[2012.08.03 10:03:59 | 000,526,448 | ---- | M] (Google Inc.) -- C:\ProgramData\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
[2010.10.29 11:08:13 | 001,100,664 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\Office14\setup.exe
[2010.10.29 13:34:52 | 000,838,536 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.de-de\DW20.EXE
[2010.10.29 13:35:19 | 000,519,584 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.de-de\dwtrig20.exe
[2010.10.29 11:04:36 | 000,149,352 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\ose.exe
[2010.10.29 13:31:35 | 005,336,456 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\OStarter\de-de\Office.exe
[2010.10.29 13:31:38 | 001,629,584 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\OStarter\de-de\SetupConsumerC2R.exe
[2010.10.29 13:31:39 | 001,629,584 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\OEMOffice14\OStarter\de-de\SetupConsumerC2ROLW.exe
[2011.11.30 17:49:50 | 000,036,864 | ---- | M] (Sony Corporation) -- C:\ProgramData\Sony Corporation\VAIO Care\DTD\Input\KeyboardDiag\keyboard.exe
[2011.11.30 17:49:50 | 000,015,872 | ---- | M] (Sony Electronics, Inc.) -- C:\ProgramData\Sony Corporation\VAIO Care\DTD\Input\KeyboardDiag\KeyboardChecker.exe
[2011.11.30 17:49:50 | 000,010,240 | ---- | M] (Sony Electronics, Inc.) -- C:\ProgramData\Sony Corporation\VAIO Care\DTD\Input\MouseDiag\MouseChecker.exe
[2012.02.20 17:00:26 | 000,509,952 | ---- | M] () -- C:\ProgramData\Sony Corporation\VAIO Partners\amazon.exe
[2012.02.20 17:00:26 | 000,089,600 | ---- | M] (VMOE) -- C:\ProgramData\Sony Corporation\VAIO Partners\eBay.exe
[2012.02.20 17:00:26 | 000,074,240 | ---- | M] (Microsoft) -- C:\ProgramData\Sony Corporation\VAIO Partners\SnapFish_launcher.exe
[2012.02.20 17:00:26 | 000,351,744 | ---- | M] (Sony) -- C:\ProgramData\Sony Corporation\VAIO Support\VAIOSupport.exe
[2012.06.16 12:54:00 | 000,053,319 | ---- | M] ( ) -- C:\ProgramData\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
[2012.02.03 06:25:36 | 000,417,784 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\oem-eula.exe
[2012.02.03 06:05:06 | 110,082,656 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-007c5ce6-1bb6-4946-8cb2-427ca4efe327-extr.exe
[2012.02.03 04:50:25 | 011,854,680 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-116f9df8-c214-4d0e-bcaa-34d77cf94e60-extr.exe
[2012.02.03 05:10:41 | 051,817,376 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-13c4492f-d600-4592-8bd4-732b10852b8c-extr.exe
[2012.02.03 03:25:13 | 058,485,872 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-1f91ae66-2863-43eb-af99-928f0c961ab8-extr.exe
[2012.02.03 06:17:31 | 144,897,800 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-2d523b9f-de28-4b14-b05b-88f197684f54-extr.exe
[2012.02.03 05:12:30 | 017,471,152 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-4619aa2c-8b46-4e04-bbc6-4ff4e57e29f7-extr.exe
[2012.02.03 05:53:29 | 460,863,152 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-74048466-aa76-43a9-83a3-9aede62042af-extr.exe
[2012.02.03 06:23:39 | 077,786,552 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-74f13a17-0f30-46a9-b407-8cd5c1b6c4fa-extr.exe
[2012.02.03 06:18:25 | 011,063,264 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-8a5fc0de-38ad-4466-ab74-516d45721157-extr.exe
[2012.02.03 02:45:14 | 371,057,168 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-94884525-26b9-4177-be5d-c6df3308a0f0-extr.exe
[2012.02.03 03:30:40 | 020,037,360 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-9985fde3-2b7e-47c9-916b-71c6eb446974-extr.exe
[2012.02.03 02:22:56 | 153,390,768 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-9a593db0-6d64-4380-85e9-d07198fe0175-extr.exe
[2012.02.03 03:14:18 | 270,018,304 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-aa2f7bfe-768f-48b1-a766-ac919f0c8c46-extr.exe
[2012.02.03 02:23:45 | 011,982,928 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-bf2cbfe4-cb30-4edf-be99-d4ed3823a3c9-extr.exe
[2012.02.03 04:24:22 | 381,075,200 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-c4f77793-a369-4622-9c62-4165da04f330-extr.exe
[2012.02.03 04:49:14 | 181,780,656 | ---- | M] (WildTangent) -- C:\ProgramData\WildTangent\GameInstalls\WTA-e3eb8e2c-9b34-40b0-926e-4a093214f2a4-extr.exe

< End of report >
         
 --- --- ---

klausi58 · 16.11.2012, 14:18

Code:

ATTFilter

OTL EXTRAS Logfile:

	Code: 

 ATTFilter

  
	OTL Extras logfile created on: 14.11.2012 19:38:23 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Weisgerber\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 57,64% Memory free
7,94 Gb Paging File | 5,75 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,71 Gb Total Space | 395,40 Gb Free Space | 88,12% Space Free | Partition Type: NTFS
 
Computer Name: WEISGERBER-VAIO | User Name: Weisgerber | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1450787644-2747546161-14592126-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0EB7792D-EFA2-42AB-9A22-F33D9458E974}" = Media Gallery
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{28DB4A00-92CC-481E-5485-12A73F6B88C1}" = ccc-utility64
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{34EB42BE-F4D3-44C1-B28E-9740115DB72C}" = VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}" = VAIO Care
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{59CFDD96-728A-A88C-36E5-1163342C814F}" = AMD Catalyst Install Manager
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}" = VAIO - PlayMemories Home Plug-in
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B9DEEC37-2A7C-46BB-80C5-91F2598295F6}" = Nitro Reader 2
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"Bitdefender" = Bitdefender Internet Security 2013
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" = 
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08EBCF9F-416D-0BD3-0C9E-2CBFC6688A19}" = CCC Help German
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0AB5F0FD-D917-BB15-163F-B044C606C965}" = CCC Help French
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{1221B471-09BE-71E6-1A26-AAC627625DA0}" = CCC Help Swedish
"{12F9B6AA-B861-CA2C-7DFF-EE4334D9F142}" = CCC Help Spanish
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18EE664A-8121-4023-8E6E-BB2E9AEEC75E}" = Catalyst Control Center - Branding
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{219801B0-668E-5AC0-193A-7F66BC1A9B8D}" = CCC Help Finnish
"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{247092CD-6E4C-3B0E-9C93-FCF60191AE1E}" = CCC Help Czech
"{24DAB461-8071-E28A-92BA-470D21AFFDF3}" = CCC Help Thai
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F41EF61-A066-4EBF-84F8-21C1B317A780}" = VAIO - TrackID™ mit BRAVIA
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{340600B4-1DAF-25DC-1F55-C67A03126F07}" = CCC Help Chinese Traditional
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34FAB034-9225-83B3-9539-49267DE32A11}" = CCC Help Polish
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3AF0ACA1-E2CC-64C5-4589-E75E2CF7291C}" = CCC Help Italian
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E1A80F8-3B1C-120E-D205-0D3FC3485995}" = Catalyst Control Center InstallProxy
"{3E22AC09-619F-5C08-0FF2-5947ABC7ACB3}" = Catalyst Control Center
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43DE8A79-029C-38E0-AC90-167333F8EF7E}" = CCC Help Portuguese
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{45191C61-3D04-4D03-B78A-592DF13264CC}" = Windows Live Messenger
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{5156C9BF-1C27-430B-96D8-7129F11699A8}" = VAIO Data Restore Tool
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6466EF6E-700E-470F-94CB-D0050302C84E}" = Remote Keyboard
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}" = Елемент керування Windows Live Mesh ActiveX для віддалених підключень
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FD21053-829D-40E7-B04C-CAFB7D5CD025}" = KUx86
"{70991E0A-1108-437E-BA7D-085702C670C0}" = 
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{7762BB16-AF4E-769D-779C-F6E5F7F9D898}" = CCC Help Hungarian
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = 
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" = 
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" = 
"{858B32BD-121C-4AC8-BD87-CE37C51C03E2}" = TrackID(TM) with BRAVIA
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{862D7DA8-D4B6-EDAD-DFB0-D9F27E187B56}" = CCC Help Turkish
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B522F26-C481-1BDB-DA5B-239465957E15}" = CCC Help Russian
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9994E62F-F31B-3890-5D17-2548A9F65B23}" = CCC Help Greek
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA39D3EF-8722-BC43-1429-FD7ED7C0C20A}" = CCC Help Korean
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE5F3379-8B81-457E-8E09-7E61D941AFA4}" = VAIO Gate
"{AFEDF394-2774-F2F4-6309-4F6436163ECE}" = CCC Help Japanese
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4DEF552-B0CE-89A8-9A8B-936CDF5D041E}" = CCC Help Norwegian
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite MFC-425CN
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C346C112-D8D9-2ACC-3BC8-A204754C68BD}" = CCC Help Dutch
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C7BC5783-3244-FE39-2EF6-CDE781453D17}" = CCC Help Chinese Standard
"{C7CE1BF7-08A1-9DD7-1E1A-101993EC91BC}" = Catalyst Control Center Localization All
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C8544A9A-76BE-4F82-811E-979799AE493B}" = VAIO Gesture Control
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}" = WinZip 16.0
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D56DA747-5FDB-4AD5-9A6A-3481C0ED44BD}" = Remote Play with PlayStation(R)3
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DB1A3EA7-0C25-4BEC-A108-176195190369}" = VHD
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DE93ED51-40D8-48B4-2A02-67EBF85DEE88}" = CCC Help Danish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E17D151E-5E8E-C6AF-031E-76A941D2111E}" = Catalyst Control Center Graphics Previews Common
"{E26A3459-C2A9-9C54-4ED5-F0E26DECBD40}" = CCC Help English
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E6757A5B-EE7E-4D72-82B7-D1B2991DF55E}" = PYV_x86
"{E682702C-609C-4017-99E7-3129C163955F}" = VAIO - Remote-Tastatur mit PlayStation®3
"{E727B31A-8B24-4C1C-934A-69634E0D2C0B}" = Qualcomm Atheros WiFi Driver Installation
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = 
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo WinOptimizer 9_is1" = Ashampoo WinOptimizer 9 v.9.04.31
"Google Chrome" = Google Chrome
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Ista-ADM-System" = Ista-ADM-System
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"VAIO Help and Support" = 
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WTA-007c5ce6-1bb6-4946-8cb2-427ca4efe327" = Mystery P.I. - The London Caper
"WTA-116f9df8-c214-4d0e-bcaa-34d77cf94e60" = Insaniquarium Deluxe
"WTA-13c4492f-d600-4592-8bd4-732b10852b8c" = Jewel Quest Solitaire 2
"WTA-1f91ae66-2863-43eb-af99-928f0c961ab8" = Cake Mania
"WTA-2d523b9f-de28-4b14-b05b-88f197684f54" = Plants vs. Zombies - Game of the Year
"WTA-4619aa2c-8b46-4e04-bbc6-4ff4e57e29f7" = Mahjongg Artifacts
"WTA-74048466-aa76-43a9-83a3-9aede62042af" = Mystery of Mortlake Mansion
"WTA-74f13a17-0f30-46a9-b407-8cd5c1b6c4fa" = Virtual Villagers 4 - The Tree of Life
"WTA-8a5fc0de-38ad-4466-ab74-516d45721157" = Polar Bowler
"WTA-94884525-26b9-4177-be5d-c6df3308a0f0" = Bejeweled 3
"WTA-9985fde3-2b7e-47c9-916b-71c6eb446974" = Chuzzle Deluxe
"WTA-9a593db0-6d64-4380-85e9-d07198fe0175" = Agatha Christie - Death on the Nile
"WTA-aa2f7bfe-768f-48b1-a766-ac919f0c8c46" = Build-a-lot 2
"WTA-bf2cbfe4-cb30-4edf-be99-d4ed3823a3c9" = Aloha TriPeaks
"WTA-c4f77793-a369-4622-9c62-4165da04f330" = Fishdom (TM) 2
"WTA-e3eb8e2c-9b34-40b0-926e-4a093214f2a4" = The Hidden Object Game Show
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 18.10.2012 13:12:16 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:16.698]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:18 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:18.242]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:19 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:19.787]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:21 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:21.331]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:22 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:22.891]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:24 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:24.436]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:25 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:25.980]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:27 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:27.524]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:29 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:29.069]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
Error - 18.10.2012 13:12:30 | Computer Name = Weisgerber-VAIO | Source = Brother BrLog | ID = 1001
Description = WDLMW BrtWDLMW: [2012/10/18 19:12:30.613]: [00004280]: lperrcode->api
 = 1 , lperrcode->code = 2   
 
[ System Events ]
Error - 25.09.2012 03:24:07 | Computer Name = Weisgerber-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 25.09.2012 03:24:08 | Computer Name = Weisgerber-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 25.09.2012 03:24:08 | Computer Name = Weisgerber-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 25.09.2012 03:24:09 | Computer Name = Weisgerber-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 25.09.2012 03:24:10 | Computer Name = Weisgerber-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 25.09.2012 03:24:11 | Computer Name = Weisgerber-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 25.09.2012 03:24:12 | Computer Name = Weisgerber-VAIO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 15.10.2012 03:13:36 | Computer Name = Weisgerber-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800f0902 fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2731771)
 
Error - 15.10.2012 03:13:36 | Computer Name = Weisgerber-VAIO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
 Systeme (KB2724197)
 
Error - 15.10.2012 07:17:30 | Computer Name = Weisgerber-VAIO | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         
 --- --- ---

ryder · 16.11.2012, 15:58

Hm gar nicht gut ...

Zitat:

Lesestoff:
Rootkit-Warnung
Dein Computer wurde mit einem besonderen Schädling infiziert, der sich vor herkömmlichen Virenscannern und dem Betriebssystem selbst verstecken kann. Zusätzlich hat so ein Schädling meist auch Backdoor-Funktionalität, reißt also ganz bewußt Löcher durch alle Schutzmaßnahmen, damit er weiteren Schadcode nachladen oder die Daten, die er so sammelt, an die "bösen Jungs" weiterleiten kann. Was heißt das jetzt für dich?
Entscheide bitte ganz bewußt, ob du mit der Bereinigung fortfahren möchtest. Ein einmal derartig kompromittiertes System kann man niemals mit 100%iger Sicherheit wieder absichern. Auch wenn wir gute Chancen haben, deinen Computer zu bereinigen, kann es dennoch möglich sein, dass uns am Ende nur die Neuinstallation bleibt.

Wenn du mit diesem Computer beispielsweise Onlinebanking machst, dann solltest du zumindest dein Passwort von deiner Bank ändern lassen, wenn du ein ansonsten sicheres Verfahren wie beispielsweise "chip-TAN-comfort" nutzt. Hast du noch alte TAN-Bögen auf Papierbasis? Dann ist es höchste Zeit dich bei deiner Bank zu melden und notfalls das Konto temporär sperren zu lassen. Der Sperrnotruf 116 116 von www.sperr-notruf.de kann Tag und Nacht dafür benutzt werden.

Hast du ansonsten sensible Daten auf deinem Computer, dann solltest du auch darüber nachdenken, wie du damit umgehst, dass sie sich praktisch "jeder" ansehen konnte.

Teile mir also mit, wie du dich entschieden hast.

Schritt 1:
Scan mit aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Vista und Win7 User mit Rechtsklick "als Admininstartor starten"

Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. ( Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.

Klicke auf Scan.

Warte bitte bis Scan finished successfully im DOS Fenster steht.

Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Schritt 2:
Scan mit dem TDSS-Killer

Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen.

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Starte die TDSSKiller.exe

Klicke auf Change parameters, setze einen Haken bei Detect TDLFS file system und bestätige mit OK.

Drücke Start Scan

Warnung:
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und speichere das Logfile.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.

klausi58 · 16.11.2012, 17:29

Hi ryder,

das ist ja mal was nettes. Aber was soll´s. Habe schon mal mein Onlinebanking gesichert. War noch alles ok.

Dann werde ich mal loslegen.

klausi58

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-16 17:44:07
-----------------------------
17:44:07.198 OS Version: Windows x64 6.1.7601 Service Pack 1
17:44:07.198 Number of processors: 2 586 0x2A07
17:44:07.199 ComputerName: WEISGERBER-VAIO UserName: Weisgerber
17:44:10.109 Initialize success
17:45:03.951 AVAST engine defs: 12111600
17:45:47.965 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:45:47.969 Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
17:45:47.975 Disk 0 MBR read successfully
17:45:47.979 Disk 0 MBR scan
17:45:48.071 Disk 0 Windows 7 default MBR code
17:45:48.074 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 17112 MB offset 2048
17:45:48.090 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 35047424
17:45:48.108 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 459476 MB offset 35764224
17:45:48.125 Disk 0 scanning C:\Windows\system32\drivers
17:46:01.411 Service scanning
17:46:06.609 Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
17:46:06.683 Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
17:46:37.940 Modules scanning
17:46:38.283 Disk 0 trace - called modules:
17:46:38.299 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:46:38.303 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007167060]
17:46:38.308 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049e6050]
17:46:40.278 AVAST engine scan C:\Windows
17:46:44.134 AVAST engine scan C:\Windows\system32
17:50:07.059 AVAST engine scan C:\Windows\system32\drivers
17:50:23.137 AVAST engine scan C:\Users\Weisgerber
18:02:33.648 AVAST engine scan C:\ProgramData
18:04:49.977 Scan finished successfully
18:05:31.972 Disk 0 MBR has been saved successfully to "C:\Users\Weisgerber\Desktop\MBR.dat"
18:05:32.065 The log file has been saved successfully to "C:\Users\Weisgerber\Desktop\aswMBR.txt"

18:14:40.0603 4192 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:14:40.0759 4192 ============================================================
18:14:40.0759 4192 Current date / time: 2012/11/16 18:14:40.0759
18:14:40.0759 4192 SystemInfo:
18:14:40.0759 4192
18:14:40.0759 4192 OS Version: 6.1.7601 ServicePack: 1.0
18:14:40.0759 4192 Product type: Workstation
18:14:40.0759 4192 ComputerName: WEISGERBER-VAIO
18:14:40.0759 4192 UserName: Weisgerber
18:14:40.0759 4192 Windows directory: C:\Windows
18:14:40.0759 4192 System windows directory: C:\Windows
18:14:40.0759 4192 Running under WOW64
18:14:40.0759 4192 Processor architecture: Intel x64
18:14:40.0759 4192 Number of processors: 2
18:14:40.0759 4192 Page size: 0x1000
18:14:40.0759 4192 Boot type: Normal boot
18:14:40.0759 4192 ============================================================
18:14:42.0069 4192 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:14:42.0335 4192 Drive \Device\Harddisk2\DR5 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:14:42.0350 4192 ============================================================
18:14:42.0350 4192 \Device\Harddisk0\DR0:
18:14:42.0350 4192 MBR partitions:
18:14:42.0350 4192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x216C800, BlocksNum 0xAF000
18:14:42.0350 4192 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x221B800, BlocksNum 0x3816A030
18:14:42.0350 4192 \Device\Harddisk2\DR5:
18:14:42.0350 4192 MBR partitions:
18:14:42.0350 4192 \Device\Harddisk2\DR5\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x777FE0
18:14:42.0350 4192 ============================================================
18:14:42.0381 4192 C: <-> \Device\Harddisk0\DR0\Partition2
18:14:42.0381 4192 ============================================================
18:14:42.0381 4192 Initialize success
18:14:42.0381 4192 ============================================================
18:16:17.0510 7184 ============================================================
18:16:17.0510 7184 Scan started
18:16:17.0510 7184 Mode: Manual; TDLFS;
18:16:17.0510 7184 ============================================================
18:16:18.0259 7184 ================ Scan system memory ========================
18:16:18.0259 7184 System memory - ok
18:16:18.0259 7184 ================ Scan services =============================
18:16:18.0556 7184 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:16:18.0587 7184 1394ohci - ok
18:16:18.0696 7184 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:16:18.0727 7184 ACDaemon - ok
18:16:18.0774 7184 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:16:18.0790 7184 ACPI - ok
18:16:18.0790 7184 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:16:18.0790 7184 AcpiPmi - ok
18:16:18.0883 7184 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:16:18.0883 7184 AdobeARMservice - ok
18:16:19.0070 7184 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:16:19.0070 7184 AdobeFlashPlayerUpdateSvc - ok
18:16:19.0117 7184 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:16:19.0117 7184 adp94xx - ok
18:16:19.0164 7184 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:16:19.0180 7184 adpahci - ok
18:16:19.0211 7184 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:16:19.0211 7184 adpu320 - ok
18:16:19.0258 7184 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:16:19.0258 7184 AeLookupSvc - ok
18:16:19.0304 7184 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:16:19.0336 7184 AFD - ok
18:16:19.0367 7184 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:16:19.0367 7184 agp440 - ok
18:16:19.0382 7184 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:16:19.0382 7184 ALG - ok
18:16:19.0398 7184 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:16:19.0398 7184 aliide - ok
18:16:19.0429 7184 [ 010F8750A454224982CED18F35AA2C04 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:16:19.0429 7184 AMD External Events Utility - ok
18:16:19.0445 7184 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:16:19.0445 7184 amdide - ok
18:16:19.0460 7184 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:16:19.0460 7184 AmdK8 - ok
18:16:19.0710 7184 [ 623EC962E3F8366B3C5DD03B51DE5075 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:16:19.0913 7184 amdkmdag - ok
18:16:19.0944 7184 [ DF73398D14D9A20E0E1ADAEDA63B32D5 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:16:19.0944 7184 amdkmdap - ok
18:16:19.0975 7184 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:16:19.0975 7184 AmdPPM - ok
18:16:19.0991 7184 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:16:19.0991 7184 amdsata - ok
18:16:20.0006 7184 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:16:20.0006 7184 amdsbs - ok
18:16:20.0022 7184 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:16:20.0022 7184 amdxata - ok
18:16:20.0053 7184 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:16:20.0053 7184 AppID - ok
18:16:20.0084 7184 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:16:20.0084 7184 AppIDSvc - ok
18:16:20.0116 7184 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:16:20.0116 7184 Appinfo - ok
18:16:20.0131 7184 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
18:16:20.0131 7184 arc - ok
18:16:20.0147 7184 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:16:20.0147 7184 arcsas - ok
18:16:20.0194 7184 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
18:16:20.0194 7184 ArcSoftKsUFilter - ok
18:16:20.0287 7184 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:16:20.0334 7184 aspnet_state - ok
18:16:20.0350 7184 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:16:20.0350 7184 AsyncMac - ok
18:16:20.0381 7184 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:16:20.0381 7184 atapi - ok
18:16:20.0443 7184 [ D0B119D6F52BDCA8D204F79D27690209 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
18:16:20.0443 7184 AthBTPort - ok
18:16:20.0506 7184 [ 86F8A0A8D59D0AE2B1096F3103F0E0AD ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
18:16:20.0506 7184 AtherosSvc - ok
18:16:20.0615 7184 [ 237EE0B7A65D55E08EB7530F77423480 ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:16:20.0646 7184 athr - ok
18:16:20.0677 7184 [ 2B3B05C0A7768BF033217EB8F33F9C35 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:16:20.0677 7184 AtiHDAudioService - ok
18:16:20.0708 7184 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:16:20.0708 7184 AudioEndpointBuilder - ok
18:16:20.0724 7184 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:16:20.0724 7184 AudioSrv - ok
18:16:20.0786 7184 [ F57DE310BF3BD9DF0F7D301C1D7F5432 ] avc3 C:\Windows\system32\DRIVERS\avc3.sys
18:16:20.0802 7184 avc3 - ok
18:16:20.0849 7184 [ 4C6BCC638798ABE1F70AFCA70D889C3F ] avchv C:\Windows\system32\DRIVERS\avchv.sys
18:16:20.0864 7184 avchv - ok
18:16:20.0958 7184 [ 6DC4CCA415BBF2FC629BEB532AA0E6CD ] avckf C:\Windows\system32\DRIVERS\avckf.sys
18:16:20.0974 7184 avckf - ok
18:16:21.0020 7184 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:16:21.0020 7184 AxInstSV - ok
18:16:21.0083 7184 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:16:21.0098 7184 b06bdrv - ok
18:16:21.0114 7184 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:16:21.0130 7184 b57nd60a - ok
18:16:21.0192 7184 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
18:16:21.0270 7184 BBSvc - ok
18:16:21.0332 7184 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
18:16:21.0332 7184 BBUpdate - ok
18:16:21.0410 7184 [ 138F5A80CDC3A62E2FFB9BEA1B6385AC ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
18:16:21.0426 7184 BdDesktopParental - ok
18:16:21.0457 7184 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:16:21.0457 7184 BDESVC - ok
18:16:21.0551 7184 [ 9920B815BC3B3F2D69071842DD18D422 ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
18:16:21.0582 7184 BdfNdisf - ok
18:16:21.0644 7184 [ 4CE4B0098FC315C237FA8867F07886C4 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
18:16:21.0644 7184 bdfwfpf - ok
18:16:21.0691 7184 [ 31571D77C6186AD228F52EE4EBDF8EE9 ] BDSandBox C:\Windows\system32\drivers\bdsandbox.sys
18:16:21.0707 7184 BDSandBox - ok
18:16:21.0738 7184 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:16:21.0738 7184 Beep - ok
18:16:21.0769 7184 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:16:21.0769 7184 blbdrive - ok
18:16:21.0785 7184 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:16:21.0800 7184 bowser - ok
18:16:21.0816 7184 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:16:21.0816 7184 BrFiltLo - ok
18:16:21.0832 7184 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:16:21.0847 7184 BrFiltUp - ok
18:16:21.0863 7184 [ C711ED965009BDCFF9AA62CEB6FF1AAD ] Brother XP spl Service C:\Windows\SysWOW64\brsvc01a.exe
18:16:21.0878 7184 Brother XP spl Service - ok
18:16:21.0910 7184 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:16:21.0910 7184 Browser - ok
18:16:21.0956 7184 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\system32\DRIVERS\BrSerId.sys
18:16:21.0972 7184 Brserid - ok
18:16:21.0988 7184 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:16:22.0003 7184 BrSerWdm - ok
18:16:22.0034 7184 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:16:22.0034 7184 BrUsbMdm - ok
18:16:22.0050 7184 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\DRIVERS\BrUsbSer.sys
18:16:22.0050 7184 BrUsbSer - ok
18:16:22.0097 7184 [ C05ED3246C06EC56F10D85B0304CD09E ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
18:16:22.0112 7184 BTATH_A2DP - ok
18:16:22.0144 7184 [ 2D27F7A831657D63AFC78E5E78DCA83F ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
18:16:22.0144 7184 btath_avdt - ok
18:16:22.0175 7184 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
18:16:22.0175 7184 BTATH_BUS - ok
18:16:22.0206 7184 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
18:16:22.0206 7184 BTATH_HCRP - ok
18:16:22.0237 7184 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
18:16:22.0237 7184 BTATH_LWFLT - ok
18:16:22.0268 7184 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
18:16:22.0268 7184 BTATH_RCP - ok
18:16:22.0300 7184 [ 680BE9ED6431DAFA844F5F7B61B11F9A ] BTATH_VDP C:\Windows\system32\drivers\btath_vdp.sys
18:16:22.0315 7184 BTATH_VDP - ok
18:16:22.0362 7184 [ 4FBDD8AF372ED5CB2EA63C0890C62435 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
18:16:22.0378 7184 BtFilter - ok
18:16:22.0409 7184 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:16:22.0409 7184 BthEnum - ok
18:16:22.0440 7184 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:16:22.0440 7184 BTHMODEM - ok
18:16:22.0456 7184 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:16:22.0456 7184 BthPan - ok
18:16:22.0502 7184 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:16:22.0534 7184 BTHPORT - ok
18:16:22.0565 7184 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:16:22.0565 7184 bthserv - ok
18:16:22.0580 7184 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:16:22.0580 7184 BTHUSB - ok
18:16:22.0612 7184 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:16:22.0627 7184 cdfs - ok
18:16:22.0643 7184 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:16:22.0643 7184 cdrom - ok
18:16:22.0674 7184 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:16:22.0674 7184 CertPropSvc - ok
18:16:22.0705 7184 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
18:16:22.0705 7184 circlass - ok
18:16:22.0783 7184 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:16:22.0783 7184 CLFS - ok
18:16:22.0846 7184 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:16:22.0846 7184 clr_optimization_v2.0.50727_32 - ok
18:16:22.0908 7184 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:16:22.0924 7184 clr_optimization_v2.0.50727_64 - ok
18:16:22.0970 7184 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:16:23.0111 7184 clr_optimization_v4.0.30319_32 - ok
18:16:23.0173 7184 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:16:23.0204 7184 clr_optimization_v4.0.30319_64 - ok
18:16:23.0236 7184 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:16:23.0236 7184 CmBatt - ok
18:16:23.0251 7184 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:16:23.0267 7184 cmdide - ok
18:16:23.0298 7184 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:16:23.0314 7184 CNG - ok
18:16:23.0329 7184 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:16:23.0345 7184 Compbatt - ok
18:16:23.0345 7184 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:16:23.0345 7184 CompositeBus - ok
18:16:23.0360 7184 COMSysApp - ok
18:16:23.0376 7184 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:16:23.0376 7184 crcdisk - ok
18:16:23.0392 7184 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:16:23.0407 7184 CryptSvc - ok
18:16:23.0516 7184 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:16:23.0532 7184 cvhsvc - ok
18:16:23.0641 7184 [ 461A0688205D088D2A2EBEEDEE81622E ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
18:16:23.0672 7184 DCDhcpService - ok
18:16:23.0704 7184 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:16:23.0704 7184 DcomLaunch - ok
18:16:23.0750 7184 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:16:23.0750 7184 defragsvc - ok
18:16:23.0782 7184 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:16:23.0782 7184 DfsC - ok
18:16:23.0828 7184 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:16:23.0844 7184 Dhcp - ok
18:16:23.0860 7184 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:16:23.0860 7184 discache - ok
18:16:23.0891 7184 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
18:16:23.0891 7184 Disk - ok
18:16:23.0938 7184 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:16:23.0938 7184 Dnscache - ok
18:16:23.0953 7184 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:16:23.0969 7184 dot3svc - ok
18:16:23.0969 7184 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:16:23.0984 7184 DPS - ok
18:16:24.0000 7184 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:16:24.0000 7184 drmkaud - ok
18:16:24.0047 7184 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:16:24.0047 7184 DXGKrnl - ok
18:16:24.0078 7184 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
18:16:24.0078 7184 e1yexpress - ok
18:16:24.0109 7184 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:16:24.0109 7184 EapHost - ok
18:16:24.0234 7184 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:16:24.0328 7184 ebdrv - ok
18:16:24.0359 7184 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:16:24.0359 7184 EFS - ok
18:16:24.0437 7184 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:16:24.0452 7184 ehRecvr - ok
18:16:24.0468 7184 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:16:24.0484 7184 ehSched - ok
18:16:24.0530 7184 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:16:24.0546 7184 elxstor - ok
18:16:24.0562 7184 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:16:24.0562 7184 ErrDev - ok
18:16:24.0624 7184 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:16:24.0624 7184 EventSystem - ok
18:16:24.0655 7184 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:16:24.0671 7184 exfat - ok
18:16:24.0686 7184 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:16:24.0686 7184 fastfat - ok
18:16:24.0733 7184 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:16:24.0749 7184 Fax - ok
18:16:24.0764 7184 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
18:16:24.0764 7184 fdc - ok
18:16:24.0796 7184 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:16:24.0796 7184 fdPHost - ok
18:16:24.0827 7184 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:16:24.0827 7184 FDResPub - ok
18:16:24.0858 7184 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:16:24.0858 7184 FileInfo - ok
18:16:24.0874 7184 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:16:24.0874 7184 Filetrace - ok
18:16:24.0936 7184 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:16:24.0936 7184 flpydisk - ok
18:16:24.0952 7184 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:16:24.0967 7184 FltMgr - ok
18:16:25.0014 7184 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:16:25.0045 7184 FontCache - ok
18:16:25.0092 7184 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:16:25.0092 7184 FontCache3.0.0.0 - ok
18:16:25.0108 7184 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:16:25.0108 7184 FsDepends - ok
18:16:25.0123 7184 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:16:25.0123 7184 Fs_Rec - ok
18:16:25.0154 7184 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:16:25.0154 7184 fvevol - ok
18:16:25.0170 7184 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:16:25.0170 7184 gagp30kx - ok
18:16:25.0217 7184 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
18:16:25.0326 7184 GamesAppService - ok
18:16:25.0373 7184 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:16:25.0404 7184 gpsvc - ok
18:16:25.0466 7184 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:16:25.0466 7184 gupdate - ok
18:16:25.0498 7184 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:16:25.0498 7184 gupdatem - ok
18:16:25.0560 7184 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:16:25.0622 7184 gusvc - ok
18:16:25.0654 7184 [ 07177B5A8C277074C30AC515FEBD4F37 ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys
18:16:25.0654 7184 gzflt - ok
18:16:25.0685 7184 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:16:25.0685 7184 hcw85cir - ok
18:16:25.0700 7184 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:16:25.0700 7184 HdAudAddService - ok
18:16:25.0732 7184 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:16:25.0732 7184 HDAudBus - ok
18:16:25.0763 7184 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:16:25.0763 7184 HidBatt - ok
18:16:25.0778 7184 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:16:25.0778 7184 HidBth - ok
18:16:25.0794 7184 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:16:25.0794 7184 HidIr - ok
18:16:25.0825 7184 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:16:25.0825 7184 hidserv - ok
18:16:25.0856 7184 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:16:25.0856 7184 HidUsb - ok
18:16:25.0888 7184 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:16:25.0888 7184 hkmsvc - ok
18:16:25.0919 7184 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:16:25.0919 7184 HomeGroupListener - ok
18:16:25.0950 7184 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:16:25.0950 7184 HomeGroupProvider - ok
18:16:25.0981 7184 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:16:25.0981 7184 HpSAMD - ok
18:16:26.0012 7184 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:16:26.0028 7184 HTTP - ok
18:16:26.0044 7184 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:16:26.0044 7184 hwpolicy - ok
18:16:26.0075 7184 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:16:26.0075 7184 i8042prt - ok
18:16:26.0122 7184 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
18:16:26.0122 7184 iaStor - ok
18:16:26.0200 7184 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:16:26.0215 7184 IAStorDataMgrSvc - ok
18:16:26.0262 7184 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:16:26.0278 7184 iaStorV - ok
18:16:26.0371 7184 [ 3CC7B3BB1A9EA201A040883EDFAA67A0 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
18:16:26.0465 7184 IconMan_R - ok
18:16:26.0512 7184 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:16:26.0527 7184 idsvc - ok
18:16:26.0543 7184 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:16:26.0543 7184 iirsp - ok
18:16:26.0605 7184 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:16:26.0621 7184 IKEEXT - ok
18:16:26.0761 7184 [ E83BB47C3446F0497019DE7FD6C6A86F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:16:26.0886 7184 IntcAzAudAddService - ok
18:16:27.0026 7184 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:16:27.0058 7184 Intel(R) Capability Licensing Service Interface - ok
18:16:27.0104 7184 [ 709C8623721A1F1EF388EA75A07EC33B ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:16:27.0104 7184 Intel(R) ME Service - ok
18:16:27.0136 7184 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:16:27.0136 7184 intelide - ok
18:16:27.0167 7184 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:16:27.0167 7184 intelppm - ok
18:16:27.0198 7184 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:16:27.0198 7184 IPBusEnum - ok
18:16:27.0229 7184 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:16:27.0229 7184 IpFilterDriver - ok
18:16:27.0276 7184 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:16:27.0276 7184 IPMIDRV - ok
18:16:27.0307 7184 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:16:27.0307 7184 IPNAT - ok
18:16:27.0323 7184 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:16:27.0323 7184 IRENUM - ok
18:16:27.0354 7184 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:16:27.0354 7184 isapnp - ok
18:16:27.0370 7184 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:16:27.0370 7184 iScsiPrt - ok
18:16:27.0401 7184 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:16:27.0401 7184 iusb3hcs - ok
18:16:27.0432 7184 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
18:16:27.0448 7184 iusb3hub - ok
18:16:27.0479 7184 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:16:27.0494 7184 iusb3xhc - ok
18:16:27.0541 7184 [ C44B44E24B929631D9D7368F5B2B40CF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:16:27.0541 7184 jhi_service - ok
18:16:27.0572 7184 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:16:27.0572 7184 kbdclass - ok
18:16:27.0588 7184 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:16:27.0588 7184 kbdhid - ok
18:16:27.0604 7184 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:16:27.0604 7184 KeyIso - ok
18:16:27.0635 7184 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:16:27.0635 7184 KSecDD - ok
18:16:27.0650 7184 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:16:27.0650 7184 KSecPkg - ok
18:16:27.0682 7184 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:16:27.0682 7184 ksthunk - ok
18:16:27.0713 7184 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:16:27.0728 7184 KtmRm - ok
18:16:27.0760 7184 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:16:27.0760 7184 LanmanServer - ok
18:16:27.0791 7184 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:16:27.0791 7184 LanmanWorkstation - ok
18:16:27.0869 7184 [ 101CFC3764C27259847188581B185EA6 ] LiveTunerPM C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys
18:16:27.0884 7184 LiveTunerPM - ok
18:16:27.0900 7184 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:16:27.0900 7184 lltdio - ok
18:16:27.0931 7184 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:16:27.0947 7184 lltdsvc - ok
18:16:27.0947 7184 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:16:27.0962 7184 lmhosts - ok
18:16:27.0994 7184 [ 75F29D77B0540FCF47EE3BE000BBABDA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:16:27.0994 7184 LMS - ok
18:16:28.0025 7184 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:16:28.0025 7184 LSI_FC - ok
18:16:28.0056 7184 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:16:28.0056 7184 LSI_SAS - ok
18:16:28.0072 7184 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:16:28.0072 7184 LSI_SAS2 - ok
18:16:28.0087 7184 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:16:28.0103 7184 LSI_SCSI - ok
18:16:28.0134 7184 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:16:28.0134 7184 luafv - ok
18:16:28.0165 7184 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:16:28.0165 7184 MBAMProtector - ok
18:16:28.0228 7184 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:16:28.0243 7184 MBAMScheduler - ok
18:16:28.0274 7184 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:16:28.0290 7184 MBAMService - ok
18:16:28.0321 7184 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:16:28.0321 7184 Mcx2Svc - ok
18:16:28.0337 7184 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:16:28.0352 7184 megasas - ok
18:16:28.0384 7184 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:16:28.0384 7184 MegaSR - ok
18:16:28.0399 7184 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:16:28.0415 7184 MEIx64 - ok
18:16:28.0430 7184 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:16:28.0430 7184 MMCSS - ok
18:16:28.0446 7184 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:16:28.0462 7184 Modem - ok
18:16:28.0477 7184 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:16:28.0477 7184 monitor - ok
18:16:28.0493 7184 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:16:28.0493 7184 mouclass - ok
18:16:28.0508 7184 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:16:28.0508 7184 mouhid - ok
18:16:28.0524 7184 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:16:28.0524 7184 mountmgr - ok
18:16:28.0571 7184 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:16:28.0618 7184 MozillaMaintenance - ok
18:16:28.0633 7184 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:16:28.0649 7184 mpio - ok
18:16:28.0680 7184 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:16:28.0680 7184 mpsdrv - ok
18:16:28.0696 7184 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:16:28.0696 7184 MRxDAV - ok
18:16:28.0727 7184 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:16:28.0727 7184 mrxsmb - ok
18:16:28.0758 7184 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:16:28.0758 7184 mrxsmb10 - ok
18:16:28.0805 7184 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:16:28.0805 7184 mrxsmb20 - ok
18:16:28.0820 7184 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:16:28.0836 7184 msahci - ok
18:16:28.0852 7184 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:16:28.0852 7184 msdsm - ok
18:16:28.0914 7184 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:16:28.0914 7184 MSDTC - ok
18:16:28.0961 7184 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:16:28.0961 7184 Msfs - ok
18:16:28.0992 7184 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:16:29.0008 7184 mshidkmdf - ok
18:16:29.0039 7184 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:16:29.0039 7184 msisadrv - ok
18:16:29.0054 7184 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:16:29.0070 7184 MSiSCSI - ok
18:16:29.0070 7184 msiserver - ok
18:16:29.0086 7184 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:16:29.0086 7184 MSKSSRV - ok
18:16:29.0117 7184 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:16:29.0117 7184 MSPCLOCK - ok
18:16:29.0132 7184 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:16:29.0132 7184 MSPQM - ok
18:16:29.0148 7184 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:16:29.0164 7184 MsRPC - ok
18:16:29.0164 7184 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:16:29.0179 7184 mssmbios - ok
18:16:29.0195 7184 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:16:29.0195 7184 MSTEE - ok
18:16:29.0210 7184 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:16:29.0210 7184 MTConfig - ok
18:16:29.0226 7184 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:16:29.0226 7184 Mup - ok
18:16:29.0273 7184 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:16:29.0273 7184 napagent - ok
18:16:29.0304 7184 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:16:29.0320 7184 NativeWifiP - ok
18:16:29.0351 7184 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:16:29.0366 7184 NDIS - ok
18:16:29.0382 7184 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:16:29.0382 7184 NdisCap - ok
18:16:29.0398 7184 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:16:29.0413 7184 NdisTapi - ok
18:16:29.0413 7184 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:16:29.0413 7184 Ndisuio - ok
18:16:29.0444 7184 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:16:29.0444 7184 NdisWan - ok
18:16:29.0460 7184 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:16:29.0460 7184 NDProxy - ok
18:16:29.0491 7184 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:16:29.0491 7184 NetBIOS - ok
18:16:29.0522 7184 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:16:29.0522 7184 NetBT - ok
18:16:29.0538 7184 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:16:29.0538 7184 Netlogon - ok
18:16:29.0569 7184 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:16:29.0569 7184 Netman - ok
18:16:29.0600 7184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:16:29.0616 7184 NetMsmqActivator - ok
18:16:29.0632 7184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:16:29.0632 7184 NetPipeActivator - ok
18:16:29.0663 7184 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:16:29.0678 7184 netprofm - ok
18:16:29.0694 7184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:16:29.0694 7184 NetTcpActivator - ok
18:16:29.0694 7184 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:16:29.0694 7184 NetTcpPortSharing - ok
18:16:29.0725 7184 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:16:29.0725 7184 nfrd960 - ok
18:16:29.0788 7184 [ 85B9891151AD3C1BDBBF7D3F1082DC1A ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
18:16:29.0803 7184 NitroReaderDriverReadSpool2 - ok
18:16:29.0834 7184 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:16:29.0850 7184 NlaSvc - ok
18:16:29.0881 7184 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:16:29.0881 7184 Npfs - ok
18:16:29.0897 7184 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:16:29.0897 7184 nsi - ok
18:16:29.0912 7184 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:16:29.0912 7184 nsiproxy - ok
18:16:29.0975 7184 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:16:30.0006 7184 Ntfs - ok
18:16:30.0037 7184 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:16:30.0037 7184 Null - ok
18:16:30.0256 7184 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:16:30.0474 7184 nvlddmkm - ok
18:16:30.0490 7184 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:16:30.0505 7184 nvraid - ok
18:16:30.0521 7184 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:16:30.0536 7184 nvstor - ok
18:16:30.0552 7184 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:16:30.0552 7184 nv_agp - ok
18:16:30.0599 7184 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:16:30.0599 7184 ohci1394 - ok
18:16:30.0646 7184 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:16:30.0661 7184 ose - ok
18:16:30.0817 7184 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:16:30.0926 7184 osppsvc - ok
18:16:30.0973 7184 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:16:30.0989 7184 p2pimsvc - ok
18:16:31.0020 7184 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:16:31.0036 7184 p2psvc - ok
18:16:31.0067 7184 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:16:31.0067 7184 Parport - ok
18:16:31.0082 7184 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:16:31.0082 7184 partmgr - ok
18:16:31.0114 7184 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:16:31.0114 7184 PcaSvc - ok
18:16:31.0145 7184 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:16:31.0145 7184 pci - ok
18:16:31.0160 7184 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:16:31.0160 7184 pciide - ok
18:16:31.0176 7184 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:16:31.0192 7184 pcmcia - ok
18:16:31.0223 7184 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:16:31.0223 7184 pcw - ok
18:16:31.0238 7184 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:16:31.0254 7184 PEAUTH - ok
18:16:31.0332 7184 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:16:31.0348 7184 PerfHost - ok
18:16:31.0426 7184 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:16:31.0457 7184 pla - ok
18:16:31.0472 7184 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:16:31.0488 7184 PlugPlay - ok
18:16:31.0582 7184 [ 9C4D0DE187CBC24F658C52EFC93B1C73 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
18:16:31.0613 7184 PMBDeviceInfoProvider - ok
18:16:31.0644 7184 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:16:31.0644 7184 PNRPAutoReg - ok
18:16:31.0675 7184 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:16:31.0675 7184 PNRPsvc - ok
18:16:31.0722 7184 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:16:31.0722 7184 PolicyAgent - ok
18:16:31.0753 7184 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:16:31.0753 7184 Power - ok
18:16:31.0784 7184 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:16:31.0784 7184 PptpMiniport - ok
18:16:31.0800 7184 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:16:31.0800 7184 Processor - ok
18:16:31.0831 7184 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:16:31.0831 7184 ProfSvc - ok
18:16:31.0847 7184 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:16:31.0862 7184 ProtectedStorage - ok
18:16:31.0862 7184 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:16:31.0862 7184 Psched - ok
18:16:31.0940 7184 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:16:31.0972 7184 ql2300 - ok
18:16:31.0987 7184 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:16:31.0987 7184 ql40xx - ok
18:16:32.0018 7184 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:16:32.0018 7184 QWAVE - ok
18:16:32.0034 7184 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:16:32.0034 7184 QWAVEdrv - ok
18:16:32.0081 7184 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:16:32.0081 7184 RasAcd - ok
18:16:32.0112 7184 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:16:32.0112 7184 RasAgileVpn - ok
18:16:32.0143 7184 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:16:32.0143 7184 RasAuto - ok
18:16:32.0159 7184 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:16:32.0159 7184 Rasl2tp - ok
18:16:32.0190 7184 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:16:32.0190 7184 RasMan - ok
18:16:32.0206 7184 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:16:32.0206 7184 RasPppoe - ok
18:16:32.0237 7184 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:16:32.0237 7184 RasSstp - ok
18:16:32.0252 7184 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:16:32.0268 7184 rdbss - ok
18:16:32.0284 7184 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:16:32.0284 7184 rdpbus - ok
18:16:32.0299 7184 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:16:32.0299 7184 RDPCDD - ok
18:16:32.0315 7184 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:16:32.0315 7184 RDPENCDD - ok
18:16:32.0330 7184 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:16:32.0330 7184 RDPREFMP - ok
18:16:32.0362 7184 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:16:32.0377 7184 RDPWD - ok
18:16:32.0408 7184 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:16:32.0408 7184 rdyboost - ok
18:16:32.0440 7184 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:16:32.0440 7184 RemoteAccess - ok
18:16:32.0471 7184 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:16:32.0471 7184 RemoteRegistry - ok
18:16:32.0502 7184 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:16:32.0518 7184 RFCOMM - ok
18:16:32.0533 7184 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:16:32.0549 7184 RpcEptMapper - ok
18:16:32.0564 7184 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:16:32.0564 7184 RpcLocator - ok
18:16:32.0596 7184 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:16:32.0611 7184 RpcSs - ok
18:16:32.0642 7184 [ EBBFA2B4E317AF86E93FEC4C04D7A9B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
18:16:32.0642 7184 RSPCIESTOR - ok
18:16:32.0674 7184 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:16:32.0689 7184 rspndr - ok
18:16:32.0720 7184 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:16:32.0736 7184 RTL8167 - ok
18:16:32.0767 7184 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:16:32.0767 7184 SamSs - ok
18:16:32.0798 7184 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:16:32.0798 7184 sbp2port - ok
18:16:32.0845 7184 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:16:32.0845 7184 SCardSvr - ok
18:16:32.0892 7184 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:16:32.0892 7184 scfilter - ok
18:16:32.0923 7184 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:16:32.0939 7184 Schedule - ok
18:16:32.0970 7184 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:16:32.0970 7184 SCPolicySvc - ok
18:16:33.0017 7184 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:16:33.0017 7184 sdbus - ok
18:16:33.0048 7184 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:16:33.0048 7184 SDRSVC - ok
18:16:33.0064 7184 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:16:33.0064 7184 secdrv - ok
18:16:33.0064 7184 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:16:33.0064 7184 seclogon - ok
18:16:33.0095 7184 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:16:33.0095 7184 SENS - ok
18:16:33.0142 7184 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:16:33.0142 7184 SensrSvc - ok
18:16:33.0157 7184 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:16:33.0157 7184 Serenum - ok
18:16:33.0204 7184 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:16:33.0204 7184 Serial - ok
18:16:33.0220 7184 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:16:33.0220 7184 sermouse - ok
18:16:33.0266 7184 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:16:33.0266 7184 SessionEnv - ok
18:16:33.0298 7184 [ 85D0F874734C105D02280B39BF0AD23F ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
18:16:33.0313 7184 SFEP - ok
18:16:33.0329 7184 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:16:33.0329 7184 sffdisk - ok
18:16:33.0344 7184 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:16:33.0344 7184 sffp_mmc - ok
18:16:33.0360 7184 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:16:33.0360 7184 sffp_sd - ok
18:16:33.0376 7184 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:16:33.0376 7184 sfloppy - ok
18:16:33.0407 7184 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:16:33.0422 7184 Sftfs - ok
18:16:33.0500 7184 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:16:33.0516 7184 sftlist - ok
18:16:33.0532 7184 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:16:33.0547 7184 Sftplay - ok
18:16:33.0563 7184 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:16:33.0563 7184 Sftredir - ok
18:16:33.0563 7184 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:16:33.0563 7184 Sftvol - ok
18:16:33.0594 7184 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:16:33.0610 7184 sftvsa - ok
18:16:33.0656 7184 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:16:33.0672 7184 ShellHWDetection - ok
18:16:33.0703 7184 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:16:33.0703 7184 SiSRaid2 - ok
18:16:33.0719 7184 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:16:33.0734 7184 SiSRaid4 - ok
18:16:33.0766 7184 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:16:33.0844 7184 SkypeUpdate - ok
18:16:33.0875 7184 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:16:33.0875 7184 Smb - ok
18:16:33.0906 7184 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:16:33.0906 7184 SNMPTRAP - ok
18:16:33.0984 7184 [ 4AEA7A1C3CA06D95D6966C34D13C0D8B ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
18:16:34.0000 7184 SOHCImp - ok
18:16:34.0015 7184 [ 16FD95781117E13107D477AE36219E6F ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
18:16:34.0031 7184 SOHDs - ok
18:16:34.0093 7184 [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
18:16:34.0109 7184 SpfService - ok
18:16:34.0140 7184 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:16:34.0140 7184 spldr - ok
18:16:34.0187 7184 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:16:34.0202 7184 Spooler - ok
18:16:34.0327 7184 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:16:34.0405 7184 sppsvc - ok
18:16:34.0421 7184 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:16:34.0421 7184 sppuinotify - ok
18:16:34.0452 7184 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:16:34.0452 7184 srv - ok
18:16:34.0468 7184 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:16:34.0468 7184 srv2 - ok
18:16:34.0483 7184 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:16:34.0499 7184 srvnet - ok
18:16:34.0530 7184 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:16:34.0530 7184 SSDPSRV - ok
18:16:34.0546 7184 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:16:34.0561 7184 SstpSvc - ok
18:16:34.0577 7184 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:16:34.0577 7184 stexstor - ok
18:16:34.0608 7184 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
18:16:34.0608 7184 StillCam - ok
18:16:34.0655 7184 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:16:34.0670 7184 stisvc - ok
18:16:34.0702 7184 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:16:34.0702 7184 swenum - ok
18:16:34.0733 7184 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:16:34.0748 7184 swprv - ok
18:16:34.0795 7184 [ BD4F51AEF67AB7D57698BC4AAD983D1F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:16:34.0811 7184 SynTP - ok
18:16:34.0904 7184 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:16:34.0951 7184 SysMain - ok
18:16:34.0998 7184 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:16:34.0998 7184 TabletInputService - ok
18:16:35.0014 7184 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:16:35.0014 7184 TapiSrv - ok
18:16:35.0029 7184 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:16:35.0045 7184 TBS - ok
18:16:35.0092 7184 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:16:35.0107 7184 Tcpip - ok
18:16:35.0138 7184 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:16:35.0154 7184 TCPIP6 - ok
18:16:35.0170 7184 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:16:35.0170 7184 tcpipreg - ok
18:16:35.0201 7184 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:16:35.0201 7184 TDPIPE - ok
18:16:35.0216 7184 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:16:35.0216 7184 TDTCP - ok
18:16:35.0232 7184 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:16:35.0232 7184 tdx - ok
18:16:35.0263 7184 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:16:35.0263 7184 TermDD - ok
18:16:35.0294 7184 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:16:35.0310 7184 TermService - ok
18:16:35.0310 7184 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:16:35.0310 7184 Themes - ok
18:16:35.0341 7184 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:16:35.0341 7184 THREADORDER - ok
18:16:35.0372 7184 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:16:35.0372 7184 TrkWks - ok
18:16:35.0404 7184 [ DF219721DDFFCBE03AA894B6B6742BA1 ] trufos C:\Windows\system32\DRIVERS\trufos.sys
18:16:35.0419 7184 trufos - ok
18:16:35.0482 7184 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:16:35.0482 7184 TrustedInstaller - ok
18:16:35.0513 7184 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:16:35.0513 7184 tssecsrv - ok
18:16:35.0528 7184 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:16:35.0528 7184 TsUsbFlt - ok
18:16:35.0560 7184 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:16:35.0560 7184 TsUsbGD - ok
18:16:35.0575 7184 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:16:35.0575 7184 tunnel - ok
18:16:35.0606 7184 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:16:35.0606 7184 uagp35 - ok
18:16:35.0653 7184 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
18:16:35.0653 7184 uCamMonitor - ok
18:16:35.0684 7184 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:16:35.0684 7184 udfs - ok
18:16:35.0731 7184 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:16:35.0731 7184 UI0Detect - ok
18:16:35.0747 7184 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:16:35.0747 7184 uliagpkx - ok
18:16:35.0778 7184 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:16:35.0778 7184 umbus - ok
18:16:35.0794 7184 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:16:35.0794 7184 UmPass - ok
18:16:35.0887 7184 [ 193AD338F2A64D17300AD640ADFA5D0A ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:16:35.0903 7184 UNS - ok
18:16:35.0965 7184 [ 2B1970C804C16D887C28246DB6078EC4 ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
18:16:35.0981 7184 UPDATESRV - ok
18:16:36.0012 7184 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:16:36.0028 7184 upnphost - ok
18:16:36.0059 7184 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:16:36.0059 7184 usbccgp - ok
18:16:36.0074 7184 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:16:36.0074 7184 usbcir - ok
18:16:36.0106 7184 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:16:36.0106 7184 usbehci - ok
18:16:36.0152 7184 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:16:36.0168 7184 usbhub - ok
18:16:36.0184 7184 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:16:36.0184 7184 usbohci - ok
18:16:36.0199 7184 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:16:36.0199 7184 usbprint - ok
18:16:36.0230 7184 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:16:36.0230 7184 usbscan - ok
18:16:36.0277 7184 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:16:36.0277 7184 USBSTOR - ok
18:16:36.0308 7184 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:16:36.0308 7184 usbuhci - ok
18:16:36.0340 7184 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:16:36.0340 7184 usbvideo - ok
18:16:36.0371 7184 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:16:36.0371 7184 UxSms - ok
18:16:36.0418 7184 [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
18:16:36.0418 7184 VAIO Event Service - ok
18:16:36.0527 7184 [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
18:16:36.0589 7184 VAIO Power Management - ok
18:16:36.0605 7184 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:16:36.0605 7184 VaultSvc - ok
18:16:36.0683 7184 [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
18:16:36.0730 7184 VCFw - ok
18:16:36.0792 7184 [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
18:16:36.0839 7184 VcmIAlzMgr - ok
18:16:36.0901 7184 [ FD5BD55C1854208BC9C51DBCFC3C1941 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
18:16:36.0948 7184 VcmINSMgr - ok
18:16:37.0010 7184 [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
18:16:37.0026 7184 VcmXmlIfHelper - ok
18:16:37.0073 7184 [ D076011ECD0D1310E879F32EBF3B4886 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
18:16:37.0073 7184 VCService - ok
18:16:37.0088 7184 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:16:37.0104 7184 vdrvroot - ok
18:16:37.0151 7184 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:16:37.0151 7184 vds - ok
18:16:37.0182 7184 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:16:37.0182 7184 vga - ok
18:16:37.0198 7184 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:16:37.0198 7184 VgaSave - ok
18:16:37.0213 7184 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:16:37.0213 7184 vhdmp - ok
18:16:37.0244 7184 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:16:37.0244 7184 viaide - ok
18:16:37.0244 7184 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:16:37.0260 7184 volmgr - ok
18:16:37.0291 7184 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:16:37.0291 7184 volmgrx - ok
18:16:37.0322 7184 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:16:37.0338 7184 volsnap - ok
18:16:37.0354 7184 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:16:37.0354 7184 vsmraid - ok
18:16:37.0432 7184 [ 596E65BDEE804CC6658A39756CC61849 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
18:16:37.0447 7184 VSNService - ok
18:16:37.0525 7184 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:16:37.0541 7184 VSS - ok
18:16:37.0603 7184 [ 44A325DDD4199F68C56492B33E7E3B75 ] vsserv C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
18:16:37.0619 7184 vsserv - ok
18:16:37.0681 7184 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
18:16:37.0697 7184 VUAgent - ok
18:16:37.0712 7184 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:16:37.0712 7184 vwifibus - ok
18:16:37.0744 7184 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:16:37.0744 7184 vwififlt - ok
18:16:37.0759 7184 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:16:37.0759 7184 vwifimp - ok
18:16:37.0790 7184 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:16:37.0806 7184 W32Time - ok
18:16:37.0822 7184 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:16:37.0822 7184 WacomPen - ok
18:16:37.0853 7184 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:16:37.0853 7184 WANARP - ok
18:16:37.0853 7184 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:16:37.0868 7184 Wanarpv6 - ok
18:16:37.0915 7184 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:16:37.0931 7184 wbengine - ok
18:16:37.0946 7184 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:16:37.0962 7184 WbioSrvc - ok
18:16:37.0993 7184 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:16:37.0993 7184 wcncsvc - ok
18:16:38.0009 7184 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:16:38.0009 7184 WcsPlugInService - ok
18:16:38.0024 7184 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:16:38.0024 7184 Wd - ok
18:16:38.0056 7184 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:16:38.0056 7184 Wdf01000 - ok
18:16:38.0071 7184 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:16:38.0087 7184 WdiServiceHost - ok
18:16:38.0087 7184 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:16:38.0087 7184 WdiSystemHost - ok
18:16:38.0118 7184 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:16:38.0118 7184 WebClient - ok
18:16:38.0134 7184 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:16:38.0134 7184 Wecsvc - ok
18:16:38.0149 7184 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:16:38.0165 7184 wercplsupport - ok
18:16:38.0196 7184 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:16:38.0196 7184 WerSvc - ok
18:16:38.0212 7184 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:16:38.0212 7184 WfpLwf - ok
18:16:38.0227 7184 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:16:38.0227 7184 WIMMount - ok
18:16:38.0243 7184 WinHttpAutoProxySvc - ok
18:16:38.0305 7184 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:16:38.0305 7184 Winmgmt - ok
18:16:38.0383 7184 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:16:38.0414 7184 WinRM - ok
18:16:38.0461 7184 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:16:38.0461 7184 WinUsb - ok
18:16:38.0539 7184 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:16:38.0555 7184 Wlansvc - ok
18:16:38.0602 7184 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:16:38.0617 7184 wlcrasvc - ok
18:16:38.0726 7184 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:16:38.0758 7184 wlidsvc - ok
18:16:38.0773 7184 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:16:38.0773 7184 WmiAcpi - ok
18:16:38.0804 7184 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:16:38.0804 7184 wmiApSrv - ok
18:16:38.0836 7184 WMPNetworkSvc - ok
18:16:38.0945 7184 [ 94D96F43F7FBECDDEB6D7837FF375611 ] WO_LiveService C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe
18:16:38.0976 7184 WO_LiveService - ok
18:16:39.0023 7184 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:16:39.0023 7184 WPCSvc - ok
18:16:39.0054 7184 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:16:39.0054 7184 WPDBusEnum - ok
18:16:39.0101 7184 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:16:39.0101 7184 ws2ifsl - ok
18:16:39.0101 7184 WSearch - ok
18:16:39.0132 7184 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:16:39.0132 7184 WudfPf - ok
18:16:39.0163 7184 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:16:39.0163 7184 WUDFRd - ok
18:16:39.0210 7184 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:16:39.0210 7184 wudfsvc - ok
18:16:39.0257 7184 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:16:39.0257 7184 WwanSvc - ok
18:16:39.0335 7184 [ A5B25E310678175F4779499FFF7D0994 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
18:16:39.0335 7184 ZAtheros Bt&Wlan Coex Agent - ok
18:16:39.0366 7184 ================ Scan global ===============================
18:16:39.0397 7184 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:16:39.0428 7184 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
18:16:39.0460 7184 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
18:16:39.0491 7184 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:16:39.0506 7184 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:16:39.0522 7184 [Global] - ok
18:16:39.0522 7184 ================ Scan MBR ==================================
18:16:39.0538 7184 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:16:39.0990 7184 \Device\Harddisk0\DR0 - ok
18:16:40.0006 7184 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR5
18:16:40.0146 7184 \Device\Harddisk2\DR5 - ok
18:16:40.0146 7184 ================ Scan VBR ==================================
18:16:40.0177 7184 [ 1E28CBFDDF5EE29763C77CAFFFCDB838 ] \Device\Harddisk0\DR0\Partition1
18:16:40.0177 7184 \Device\Harddisk0\DR0\Partition1 - ok
18:16:40.0193 7184 [ 75D791D941BA28C9BC16AB65C99C4073 ] \Device\Harddisk0\DR0\Partition2
18:16:40.0193 7184 \Device\Harddisk0\DR0\Partition2 - ok
18:16:40.0208 7184 [ 7B3BB3EA1CAFA844C839115AB78A7C60 ] \Device\Harddisk2\DR5\Partition1
18:16:40.0208 7184 \Device\Harddisk2\DR5\Partition1 - ok
18:16:40.0208 7184 ============================================================
18:16:40.0208 7184 Scan finished
18:16:40.0208 7184 ============================================================
18:16:40.0208 4136 Detected object count: 0
18:16:40.0208 4136 Actual detected object count: 0
18:18:07.0128 5552 Deinitialize success

ryder · 16.11.2012, 19:49

Dann jetzt bitte ...

Scan mit Combofix

Zitat:

WARNUNG:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

klausi58 · 16.11.2012, 21:40

Code:

ATTFilter


Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 12-11-16.02 - Weisgerber 16.11.2012  20:46:22.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4066.2582 [GMT 1:00]
ausgeführt von:: c:\users\Weisgerber\Desktop\ComboFix.exe
AV: Bitdefender Virenschutz *Enabled/Outdated* {98CD50CE-5097-4098-9669-6C401FB3969C}
FW: Bitdefender Firewall *Enabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
SP: Bitdefender Spyware-Schutz *Enabled/Outdated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\1344863279.bdinstall.bin
c:\programdata\1344866180.2084.bin
c:\programdata\1344866180.4548.bin
c:\programdata\1344866180.4600.bin
c:\programdata\1344866180.5136.bin
c:\programdata\1344866180.5168.bin
c:\programdata\1344866180.5212.bin
c:\programdata\1344866180.5224.bin
c:\programdata\1344866180.5252.bin
c:\programdata\1344866180.5284.bin
c:\programdata\1344866180.5288.bin
c:\programdata\1344866180.5624.bin
c:\programdata\ldsw_0paos.pad
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-10-16 bis 2012-11-16  ))))))))))))))))))))))))))))))
.
.
2012-11-16 19:58 . 2012-11-16 19:58	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-11-14 16:58 . 2012-11-14 16:58	--------	d-----w-	c:\users\Weisgerber\AppData\Local\bdch
2012-11-14 11:26 . 2012-11-14 11:26	--------	d-----w-	c:\programdata\bdch
2012-11-14 11:06 . 2012-11-16 12:48	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-14 11:06 . 2012-09-29 18:54	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-11-01 13:43 . 2012-11-01 13:43	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{88C1D4AE-0D08-4BC4-AD61-E8C390AE18B2}\offreg.dll
2012-10-28 11:05 . 2012-10-12 07:19	9291768	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{88C1D4AE-0D08-4BC4-AD61-E8C390AE18B2}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-15 08:15 . 2012-08-02 12:01	65309168	----a-w-	c:\windows\system32\MRT.exe
2012-10-15 07:17 . 2012-06-16 11:47	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-15 07:17 . 2012-06-16 11:47	696760	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-12 07:19 . 2012-11-16 20:11	9291768	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A17BABE1-D9C8-4DEB-AFC9-BBEF91D4BF95}\mpengine.dll
2012-09-14 19:19 . 2012-10-15 06:16	2048	----a-w-	c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-15 06:16	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-15 06:19	1659760	----a-w-	c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-15 06:19	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-15 06:19	3914096	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-15 06:19	3968880	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-08-24 18:05 . 2012-10-15 06:17	220160	----a-w-	c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-15 06:16	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-23 12:57	17810944	----a-w-	c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-23 12:57	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-23 12:57	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-23 12:57	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-23 12:57	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-23 12:57	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-23 12:57	237056	----a-w-	c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-23 12:57	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-23 12:57	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-23 12:57	816640	----a-w-	c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-23 12:57	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-23 12:57	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-23 12:57	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-23 12:57	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-23 12:57	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-23 12:57	248320	----a-w-	c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-23 12:57	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-23 12:57	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-23 12:57	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-23 12:57	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-23 12:57	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-23 12:57	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 06:50	1913200	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 06:50	950128	----a-w-	c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 06:50	376688	----a-w-	c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 06:50	288624	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 12:03	245760	----a-w-	c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-15 06:18	243200	----a-w-	c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-15 06:18	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-15 06:18	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-15 06:18	215040	----a-w-	c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-15 06:18	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-15 06:18	424448	----a-w-	c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-15 06:18	1162240	----a-w-	c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-15 06:18	338432	----a-w-	c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-15 06:18	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:17	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-15 06:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-15 06:18	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-15 06:18	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-15 06:18	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-15 06:18	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-15 06:18	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-15 06:18	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-15 06:18	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-08-03 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-01-17 343168]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-02-21 693608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files (x86)\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2012-8-2 169472]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-07 121344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-02-17 545064]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2011-11-17 79952]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-03-21 112256]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2012-02-09 340072]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-01-06 138392]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-01-06 74904]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2012-01-10 535688]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-08-26 101600]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2012-08-17 63784]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-03-20 691896]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [2012-04-11 138232]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-08-17 93160]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-16 235520]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-01-19 106144]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-02-09 2429544]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys [2011-03-08 12824]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-07-26 216080]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-21 473960]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [2012-08-17 68416]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2012-03-26 978056]
S2 WO_LiveService;Ashampoo LiveTuner Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe [2012-05-14 884608]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-01-19 158880]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-01-19 36000]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-04-16 95248]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2011-11-25 258736]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-01-19 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-01-19 110752]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-01-19 30368]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2012-01-19 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-01-19 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2012-01-19 280992]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys [2012-01-19 421664]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-01-19 550560]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 787736]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-09 565352]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2012-01-16 14336]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2012-01-20 54432]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-11-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-16 07:17]
.
2012-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 09:02]
.
2012-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-03 09:02]
.
2012-11-16 c:\windows\Tasks\One-Click Optimizer.job
- c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 9\WO9.exe [2012-09-23 10:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-27 1158248]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-01-19 1016992]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-01-19 800416]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2012-08-17 1528432]
"Ashampoo WinOptimizer Live-Tuner"="c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe" [2012-05-14 2883456]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;localhost
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Weisgerber\AppData\Roaming\Mozilla\Firefox\Profiles\40hac1kq.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-{0cc09160-108c-4759-bab1-5c12c216e005} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Brother\ControlCenter3\brccMCtl.exe
c:\program files (x86)\Brother\Brmfcmon\BrMfcmon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-11-16  21:32:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-11-16 20:32
.
Vor Suchlauf: 12 Verzeichnis(se), 421.422.776.320 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 420.843.606.016 Bytes frei
.
- - End Of File - - 3E459A71D551860A0748CE7D5E01BA4C
         
 --- --- ---

14.11.2012, 20:27	#7
ryder /// TB-Ausbilder	kein internetzugriff möglich, habe zwei infizierte regiestrierungsschlüssel Du kopierst das aus der orangenen Box in OTL. __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

15.11.2012, 22:13	#9
ryder /// TB-Ausbilder	kein internetzugriff möglich, habe zwei infizierte regiestrierungsschlüssel Dann führte die beiden Schritte aus. Dann gehts auch weiter. __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

kein internetzugriff möglich, habe zwei infizierte regiestrierungsschlüssel

Log-Analyse und Auswertung: kein internetzugriff möglich, habe zwei infizierte regiestrierungsschlüssel