| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Yahoo.com plötzlich als StartseiteWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.04.2013, 20:35
| #1 |
 |  Yahoo.com plötzlich als Startseite Hallo, ich bin leider schon wieder auf eure Hilfe angewiesen und hoffe, ihr leitet mich wieder so nett durch den ganzen Prozess durch wie beim ersten Mal. Wie im Betreff beschrieben, hat nach einem Codec-Update (zumindest ist es mir erst danach aufgefallen) sich Yahoo.com selbst als Startseite samt Toolbar eingerichtet. Die Startseite ließ sich bei Firefox und im Internet-Explorer problemlos wieder umstellen. Und bleibt jetzt auch auf meinen eigenen Einstellungen. Den Toolbar konnte ich ebenfalls zumindest optisch entfernen. Ich habe trotzdem Bedenken, ob da noch mehr ist, was ich nicht sehen kann. Ich habe die von euch vorgegebenen Erstschritte gesetzt: 1. Defogger Scan war ergebnislos. 2. OTL Es wurde nur eine Logdatei erstellt (otl.txt, KEIN extra.txt). Das ist Dateiinhalt: Code:
ATTFilter OTL logfile created on: 21.04.2013 20:06:52 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ms\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000C07 | Country: | Language: | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 72,24% Memory free 7,79 Gb Paging File | 5,61 Gb Available in Paging File | 71,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 446,27 Gb Total Space | 366,24 Gb Free Space | 82,07% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: BOERTA | User Name: ms | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\ms\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\C2MP\TrayMenu.exe () PRC - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\Program Files (x86)\SafeConnect\scManager.sys (Impulse Point, LLC) PRC - C:\Program Files (x86)\SafeConnect\scClient.exe (Impulse Point, LLC) PRC - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation) PRC - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe () PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\C2MP\TrayMenu.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (SCManager) -- C:\Program Files (x86)\SafeConnect\scManager.sys (Impulse Point, LLC) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (Sony SCSI Helper Service) -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (BTHSSecurityMgr) -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (AMPPALR3) -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe () SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (AdobeActiveFileMonitor10.0) -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (rimssne) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation) DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation) DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation) DRV:64bit: - (risdsnxc) -- C:\Windows\SysNative\drivers\risdsnxc64.sys (REDC) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation) DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com?type=888596&fr=spigot-yhp-ie IE - HKCU\..\URLSearchHook: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {9E29CBE5-5219-48EB-B28E-1F3B5F806E73} IE - HKCU\..\SearchScopes\{3FFE8CF1-4A99-45A3-B536-2E3D16234D1A}: "URL" = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms} IE - HKCU\..\SearchScopes\{9E29CBE5-5219-48EB-B28E-1F3B5F806E73}: "URL" = hxxp://rover.ebay.com/rover/1/5221-29898-16445-29/4?mpre=hxxp://shop.ebay.at/?oemInLn=ieSrch-Q212&_nkw={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=888596" FF - prefs.js..browser.search.selectedEngine: "Amazon.de" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://google.at" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=888596&p=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 15:34:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 15:34:06 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 15:34:31 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 15:34:06 | 000,000,000 | ---D | M] [2013.03.05 02:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\Extensions [2013.04.21 19:45:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\Firefox\Profiles\k6cyhvxy.default\extensions [2013.04.12 15:46:41 | 000,783,286 | ---- | M] () (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\extensions\ext@sprng.me.xpi [2013.04.15 15:22:47 | 000,215,824 | ---- | M] () (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\extensions\pinterest-addon@felixfung.ca.xpi [2013.04.12 15:34:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.12 15:34:31 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.02.25 06:55:08 | 000,171,584 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013.02.16 06:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.02.16 06:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.02.16 06:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.02.16 06:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.02.16 06:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.02.16 06:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.searchnu.com/406 CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.searchnu.com/406 CHR - homepage: hxxp://search.yahoo.com?type=888596&fr=spigot-yhp-ch CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe () O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation) O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{031A699D-83FF-4904-B4E9-F5BF3A28E095}: DhcpNameServer = 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{557CD5E5-D88D-44B9-B8A7-F81704059BAB}: DhcpNameServer = 10.100.58.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.21 20:05:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ms\Desktop\OTL.exe [2013.04.21 18:30:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater [2013.04.21 18:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot [2013.04.21 18:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchMe Toolbar [2013.04.21 14:43:45 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{84F1CB72-1C60-4441-BD10-B2003F3017CF} [2013.04.21 02:43:20 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{C536DCAF-0DF2-473B-9C54-2C206556BE6A} [2013.04.20 14:43:08 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{60E6538B-8665-4B61-99A2-AFC63FD22A30} [2013.04.20 01:36:30 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{4EC8599E-1492-4DAB-82D3-C80D9D7A251D} [2013.04.19 13:11:14 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{BB3A9864-1C3A-492B-A6D0-09A6CE2DEB78} [2013.04.18 16:03:30 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{54147F05-2BDA-4665-A7E9-899032076EEB} [2013.04.18 03:26:00 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{AE5FD8F2-65C7-4020-9451-AE107D762808} [2013.04.17 15:25:48 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{E35933A4-1626-4A57-B96F-59BE3913DBC3} [2013.04.17 03:25:34 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{3647FD93-2218-416F-BF91-A58AF8C8E318} [2013.04.16 15:25:10 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{761EE486-BA54-4E19-B0CA-AC8879DA38F3} [2013.04.16 03:24:46 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{47E750F3-F489-4F91-9714-BA1B0C976B01} [2013.04.15 16:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2013.04.15 15:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2013.04.15 15:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2013.04.15 15:24:22 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{BB8F364B-2858-487E-AE22-72E1A5D584BF} [2013.04.15 02:26:32 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{73A709E1-7241-4FF9-B88B-5A9623FBF7C6} [2013.04.14 14:26:21 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{12DF7C96-28BF-4CAB-8681-E255030708A0} [2013.04.14 03:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.04.14 02:25:56 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{871B6E1A-1161-4583-AD7E-632D8AFA2464} [2013.04.13 14:25:45 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{5BA430F8-DECC-4252-BB66-1916B01D6A7D} [2013.04.13 14:24:54 | 001,515,520 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax.new [2013.04.13 14:24:54 | 001,515,520 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax [2013.04.13 14:24:40 | 000,509,952 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax.new [2013.04.13 14:24:40 | 000,509,952 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax [2013.04.13 14:24:36 | 000,272,384 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax.new [2013.04.13 14:24:36 | 000,272,384 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax [2013.04.13 14:23:50 | 001,185,456 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax.new [2013.04.13 14:23:50 | 001,185,456 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax [2013.04.13 14:23:50 | 000,424,624 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax.new [2013.04.13 14:23:50 | 000,424,624 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax [2013.04.13 14:23:50 | 000,244,400 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax.new [2013.04.13 14:23:50 | 000,244,400 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax [2013.04.12 15:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.04.12 15:31:34 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{38B72B5E-6EB7-43C6-9FBE-E9E585E85918} [2013.04.12 03:31:09 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{233D26DE-94A3-4FE5-90EB-A77E5400CAEE} [2013.04.11 15:30:46 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{A0FB4E95-A9AC-49F6-8A7D-B250EA9A6B70} [2013.04.11 03:30:21 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{458BE287-CE4F-47F9-B00B-46621FB70870} [2013.04.10 15:29:57 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{E34B9074-C780-45A3-BBDB-E94D8175484D} [2013.04.10 03:21:02 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{06414E75-5AF5-4F5C-9EF2-347DC59A667E} [2013.04.09 15:20:37 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{F113D162-80A5-4632-9347-402264A20D66} [2013.04.09 02:51:20 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{4B5D4C44-6448-45BC-AE01-7D74722E8662} [2013.04.08 01:43:34 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{DAD02B29-5AB8-4A51-B603-A5A0EB43D715} [2013.04.07 13:43:16 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{BEA702CF-9C3F-4B28-B6FC-76B310584FA6} [2013.04.07 01:43:04 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{0E132C0B-61C6-41A5-83F5-398DE9E1F9A4} [2013.04.06 13:42:51 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{C385DDBE-BD6D-4571-98A6-9322BA7CD9FB} [2013.04.05 15:33:34 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{54C1E2D4-D539-43B1-9C20-96AAE3BEC01F} [2013.04.05 03:33:20 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{A3970BFC-7248-46BE-A41C-42394F72D6DA} [2013.04.04 22:41:11 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Roaming\RavensburgerTipToi [2013.04.04 15:32:52 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{299D3ADB-B1C6-455D-BD7F-4AA681031B59} [2013.04.04 03:32:40 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{AD07962C-3BEC-4DAE-B2AF-846FC6ABD032} [2013.04.03 15:32:17 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{0FDAFE67-91B9-4AA4-9D3C-6975CA43D219} [2013.04.03 02:10:56 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{6E9F3155-34DC-4799-9E14-10F5251AD431} [2013.04.02 14:10:44 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{2A7CC5B8-E970-4BCA-AB50-F6EA5884D4AA} [2013.04.02 03:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack [2013.04.02 03:57:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP [2013.04.02 02:10:33 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{998AAA29-6EB4-45CA-A8CB-72F2FFAA5979} [2013.04.01 14:10:08 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{16882CA1-1F39-44CD-ADE3-0C31B55F70BC} [2013.03.31 18:22:33 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{8B98EC1C-8700-4C14-98D1-4C81B276D23F} [2013.03.31 14:59:15 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{643D476A-2603-4630-8A89-A4047578BC2A} [2013.03.30 18:05:32 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{B79A9384-90B3-4AC6-B414-1AE26946A8FF} [2013.03.30 06:02:37 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{308EC441-63B8-4156-ADEB-D5C96F1A3B4E} [2013.03.29 15:39:47 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{4B70AFE9-B49E-4CF3-8813-7B3E4B03735D} [2013.03.29 03:24:15 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{0A15E939-6AED-426D-B459-FD67A0B58208} [2013.03.28 15:18:04 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{369623D4-8ADA-4A08-95F9-F77B748C0924} [2013.03.28 13:06:58 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{829093C5-BFDD-4AF5-AA76-BA3D67CDAFA4} [2013.03.27 16:32:23 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{643EB6D2-4B3C-43EB-8543-102B5825717E} [2013.03.27 03:53:46 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{41F4EB2D-372B-4BAE-9F0A-48FC735E4096} [2013.03.26 15:53:22 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{8B9B1632-A84D-4E48-8009-C4F8D7FE2BAE} [2013.03.26 03:52:58 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{6BEB655A-1CBA-4525-B30B-5BFD4AAD9D24} [2013.03.25 15:52:37 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{B5F6A9BD-566A-43F8-9B79-AF61F2B7437D} [2013.03.25 03:52:25 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{AB6B85FF-3A71-4318-85F4-5B6B58108464} [2013.03.24 15:52:13 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{CDB4B7FB-8A9D-4984-82D7-2BE21E62FBC8} [2013.03.24 02:36:58 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{10E18410-E7AF-46AB-8C2D-00DC7951A235} [2013.03.23 14:36:46 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{6DEE87C7-B460-475D-B151-5747E22DBDDD} [2013.03.23 02:36:22 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Local\{68F6A860-43DD-4C1D-B3D5-CB2770745DB1} [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.21 20:05:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ms\Desktop\OTL.exe [2013.04.21 19:59:44 | 000,000,000 | ---- | M] () -- C:\Users\ms\defogger_reenable [2013.04.21 19:59:20 | 000,050,477 | ---- | M] () -- C:\Users\ms\Desktop\Defogger.exe [2013.04.21 19:56:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.21 19:40:46 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.21 19:40:46 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.21 19:40:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.21 18:30:02 | 000,001,873 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2013.04.21 14:44:08 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.21 14:44:08 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.21 14:40:41 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.21 14:40:41 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.21 14:40:41 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.21 14:40:41 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.21 14:40:41 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.21 14:36:13 | 3138,428,928 | -HS- | M] () -- C:\hiberfil.sys [2013.04.19 00:38:36 | 000,039,904 | ---- | M] () -- C:\Windows\SysWow64\Media Player - Codec Pack Disc handler.exe [2013.04.19 00:38:36 | 000,039,904 | ---- | M] () -- C:\Windows\SysWow64\dischandler.exe [2013.04.16 12:40:36 | 004,012,544 | ---- | M] () -- C:\Windows\SysNative\ffmpeg.dll.new [2013.04.16 12:40:36 | 004,012,544 | ---- | M] () -- C:\Windows\SysNative\ffmpeg.dll [2013.04.16 12:39:26 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll.new [2013.04.16 12:39:26 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll [2013.04.16 12:39:14 | 004,372,992 | ---- | M] () -- C:\Windows\SysNative\ffdshow.ax.new [2013.04.16 12:39:14 | 004,372,992 | ---- | M] () -- C:\Windows\SysNative\ffdshow.ax [2013.04.16 12:38:32 | 000,474,624 | ---- | M] () -- C:\Windows\SysNative\ff_kernelDeint.dll.new [2013.04.16 12:38:32 | 000,474,624 | ---- | M] () -- C:\Windows\SysNative\ff_kernelDeint.dll [2013.04.16 12:37:38 | 000,631,296 | ---- | M] () -- C:\Windows\SysNative\TomsMoComp_ff.dll.new [2013.04.16 12:37:38 | 000,631,296 | ---- | M] () -- C:\Windows\SysNative\TomsMoComp_ff.dll [2013.04.16 12:37:36 | 000,114,688 | ---- | M] () -- C:\Windows\SysNative\ff_wmv9.dll.new [2013.04.16 12:37:36 | 000,114,688 | ---- | M] () -- C:\Windows\SysNative\ff_wmv9.dll [2013.04.16 12:37:32 | 000,183,296 | ---- | M] () -- C:\Windows\SysNative\ff_unrar.dll.new [2013.04.16 12:37:32 | 000,183,296 | ---- | M] () -- C:\Windows\SysNative\ff_unrar.dll [2013.04.16 12:37:30 | 000,156,672 | ---- | M] () -- C:\Windows\SysNative\ff_libmad.dll.new [2013.04.16 12:37:30 | 000,156,672 | ---- | M] () -- C:\Windows\SysNative\ff_libmad.dll [2013.04.16 12:37:28 | 001,532,928 | ---- | M] () -- C:\Windows\SysNative\ff_samplerate.dll.new [2013.04.16 12:37:28 | 001,532,928 | ---- | M] () -- C:\Windows\SysNative\ff_samplerate.dll [2013.04.16 12:37:28 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\ff_libdts.dll.new [2013.04.16 12:37:28 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\ff_libdts.dll [2013.04.16 12:37:24 | 000,190,464 | ---- | M] () -- C:\Windows\SysNative\libmpeg2_ff.dll.new [2013.04.16 12:37:24 | 000,190,464 | ---- | M] () -- C:\Windows\SysNative\libmpeg2_ff.dll [2013.04.16 12:37:24 | 000,116,224 | ---- | M] () -- C:\Windows\SysNative\ff_liba52.dll.new [2013.04.16 12:37:24 | 000,116,224 | ---- | M] () -- C:\Windows\SysNative\ff_liba52.dll [2013.04.16 12:35:04 | 003,915,776 | ---- | M] () -- C:\Windows\SysWow64\ffmpeg.dll.new [2013.04.16 12:35:04 | 003,915,776 | ---- | M] () -- C:\Windows\SysWow64\ffmpeg.dll [2013.04.16 12:33:50 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll.new [2013.04.16 12:33:50 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll [2013.04.16 12:33:32 | 003,501,568 | ---- | M] () -- C:\Windows\SysWow64\ffdshow.ax.new [2013.04.16 12:33:32 | 003,501,568 | ---- | M] () -- C:\Windows\SysWow64\ffdshow.ax [2013.04.16 12:32:28 | 000,157,184 | ---- | M] () -- C:\Windows\SysWow64\ff_unrar.dll.new [2013.04.16 12:32:28 | 000,157,184 | ---- | M] () -- C:\Windows\SysWow64\ff_unrar.dll [2013.04.16 12:32:24 | 000,271,360 | ---- | M] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll.new [2013.04.16 12:32:24 | 000,271,360 | ---- | M] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2013.04.16 12:32:18 | 000,099,840 | ---- | M] () -- C:\Windows\SysWow64\ff_wmv9.dll.new [2013.04.16 12:32:18 | 000,099,840 | ---- | M] () -- C:\Windows\SysWow64\ff_wmv9.dll [2013.04.16 12:32:16 | 000,211,968 | ---- | M] () -- C:\Windows\SysWow64\ff_libdts.dll.new [2013.04.16 12:32:16 | 000,211,968 | ---- | M] () -- C:\Windows\SysWow64\ff_libdts.dll [2013.04.16 12:32:16 | 000,147,456 | ---- | M] () -- C:\Windows\SysWow64\ff_libmad.dll.new [2013.04.16 12:32:16 | 000,147,456 | ---- | M] () -- C:\Windows\SysWow64\ff_libmad.dll [2013.04.16 12:32:14 | 001,525,760 | ---- | M] () -- C:\Windows\SysWow64\ff_samplerate.dll.new [2013.04.16 12:32:14 | 001,525,760 | ---- | M] () -- C:\Windows\SysWow64\ff_samplerate.dll [2013.04.16 12:32:14 | 000,114,688 | ---- | M] () -- C:\Windows\SysWow64\ff_liba52.dll.new [2013.04.16 12:32:14 | 000,114,688 | ---- | M] () -- C:\Windows\SysWow64\ff_liba52.dll [2013.04.16 12:32:10 | 000,136,704 | ---- | M] () -- C:\Windows\SysWow64\libmpeg2_ff.dll.new [2013.04.16 12:32:10 | 000,136,704 | ---- | M] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2013.04.15 22:02:19 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk [2013.04.15 16:00:39 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2013.04.15 16:00:39 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013.04.14 21:05:52 | 182,522,087 | ---- | M] () -- C:\Users\ms\Desktop\LINTELOO_Brochure_2012.pdf [2013.04.14 03:04:54 | 005,499,558 | ---- | M] () -- C:\Users\ms\Desktop\FUSION_DE.pdf [2013.04.13 14:24:54 | 001,515,520 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax.new [2013.04.13 14:24:54 | 001,515,520 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax [2013.04.13 14:24:40 | 000,509,952 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax.new [2013.04.13 14:24:40 | 000,509,952 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax [2013.04.13 14:24:36 | 000,272,384 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax.new [2013.04.13 14:24:36 | 000,272,384 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax [2013.04.13 14:24:16 | 000,421,600 | ---- | M] () -- C:\Windows\SysNative\swscale-lav-2.dll [2013.04.13 14:24:14 | 007,977,200 | ---- | M] () -- C:\Windows\SysNative\avcodec-lav-55.dll [2013.04.13 14:24:14 | 001,245,920 | ---- | M] () -- C:\Windows\SysNative\avformat-lav-55.dll [2013.04.13 14:24:14 | 000,289,008 | ---- | M] () -- C:\Windows\SysNative\avutil-lav-52.dll [2013.04.13 14:24:14 | 000,202,648 | ---- | M] () -- C:\Windows\SysNative\avfilter-lav-3.dll [2013.04.13 14:24:14 | 000,194,016 | ---- | M] () -- C:\Windows\SysNative\avresample-lav-1.dll [2013.04.13 14:23:50 | 007,788,672 | ---- | M] () -- C:\Windows\SysWow64\avcodec-lav-55.dll [2013.04.13 14:23:50 | 001,300,152 | ---- | M] () -- C:\Windows\SysWow64\avformat-lav-55.dll [2013.04.13 14:23:50 | 001,185,456 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax.new [2013.04.13 14:23:50 | 001,185,456 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax [2013.04.13 14:23:50 | 000,424,624 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax.new [2013.04.13 14:23:50 | 000,424,624 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax [2013.04.13 14:23:50 | 000,400,592 | ---- | M] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2013.04.13 14:23:50 | 000,272,192 | ---- | M] () -- C:\Windows\SysWow64\avutil-lav-52.dll [2013.04.13 14:23:50 | 000,244,400 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax.new [2013.04.13 14:23:50 | 000,244,400 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax [2013.04.13 14:23:50 | 000,194,632 | ---- | M] () -- C:\Windows\SysWow64\avfilter-lav-3.dll [2013.04.13 14:23:50 | 000,172,728 | ---- | M] () -- C:\Windows\SysWow64\avresample-lav-1.dll [2013.04.12 17:57:18 | 000,549,804 | ---- | M] () -- C:\Users\ms\Desktop\sw-broschüre_2011-9_web.pdf [2013.04.10 15:44:51 | 000,098,169 | ---- | M] () -- C:\Users\ms\Desktop\SchlKorr.pdf [2013.04.10 13:12:30 | 000,445,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.05 03:02:47 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.04.05 03:02:45 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.04.03 19:22:30 | 000,000,770 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk [2013.04.02 03:58:36 | 000,001,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2013.03.28 16:40:52 | 000,531,573 | ---- | M] () -- C:\Users\ms\Desktop\ThienelFehlerkalküldieI.xps [2013.03.28 16:39:26 | 000,314,751 | ---- | M] () -- C:\Users\ms\Desktop\KolonovitsFehlerkalkül.xps [2013.03.28 16:36:08 | 000,305,899 | ---- | M] () -- C:\Users\ms\Desktop\MayerFehlerkalkül.xps [2013.03.28 16:34:34 | 000,241,232 | ---- | M] () -- C:\Users\ms\Desktop\ThienelFehlerkalkül.xps [2013.03.27 20:27:51 | 000,002,851 | ---- | M] () -- C:\Users\ms\Desktop\Scannen BITTE.PNG [2013.03.27 17:36:06 | 000,096,149 | ---- | M] () -- C:\Users\ms\Desktop\Kelsens Fehlerkalkül-Theory.pdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.21 19:59:44 | 000,000,000 | ---- | C] () -- C:\Users\ms\defogger_reenable [2013.04.21 19:59:15 | 000,050,477 | ---- | C] () -- C:\Users\ms\Desktop\Defogger.exe [2013.04.19 00:38:36 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\Media Player - Codec Pack Disc handler.exe [2013.04.19 00:38:36 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe [2013.04.16 12:40:36 | 004,012,544 | ---- | C] () -- C:\Windows\SysNative\ffmpeg.dll.new [2013.04.16 12:40:36 | 004,012,544 | ---- | C] () -- C:\Windows\SysNative\ffmpeg.dll [2013.04.16 12:39:26 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll.new [2013.04.16 12:39:26 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll [2013.04.16 12:39:14 | 004,372,992 | ---- | C] () -- C:\Windows\SysNative\ffdshow.ax.new [2013.04.16 12:39:14 | 004,372,992 | ---- | C] () -- C:\Windows\SysNative\ffdshow.ax [2013.04.16 12:38:32 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\ff_kernelDeint.dll.new [2013.04.16 12:38:32 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\ff_kernelDeint.dll [2013.04.16 12:37:38 | 000,631,296 | ---- | C] () -- C:\Windows\SysNative\TomsMoComp_ff.dll.new [2013.04.16 12:37:38 | 000,631,296 | ---- | C] () -- C:\Windows\SysNative\TomsMoComp_ff.dll [2013.04.16 12:37:36 | 000,114,688 | ---- | C] () -- C:\Windows\SysNative\ff_wmv9.dll.new [2013.04.16 12:37:36 | 000,114,688 | ---- | C] () -- C:\Windows\SysNative\ff_wmv9.dll [2013.04.16 12:37:32 | 000,183,296 | ---- | C] () -- C:\Windows\SysNative\ff_unrar.dll.new [2013.04.16 12:37:32 | 000,183,296 | ---- | C] () -- C:\Windows\SysNative\ff_unrar.dll [2013.04.16 12:37:30 | 000,156,672 | ---- | C] () -- C:\Windows\SysNative\ff_libmad.dll.new [2013.04.16 12:37:30 | 000,156,672 | ---- | C] () -- C:\Windows\SysNative\ff_libmad.dll [2013.04.16 12:37:28 | 001,532,928 | ---- | C] () -- C:\Windows\SysNative\ff_samplerate.dll.new [2013.04.16 12:37:28 | 001,532,928 | ---- | C] () -- C:\Windows\SysNative\ff_samplerate.dll [2013.04.16 12:37:28 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\ff_libdts.dll.new [2013.04.16 12:37:28 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\ff_libdts.dll [2013.04.16 12:37:24 | 000,190,464 | ---- | C] () -- C:\Windows\SysNative\libmpeg2_ff.dll.new [2013.04.16 12:37:24 | 000,190,464 | ---- | C] () -- C:\Windows\SysNative\libmpeg2_ff.dll [2013.04.16 12:37:24 | 000,116,224 | ---- | C] () -- C:\Windows\SysNative\ff_liba52.dll.new [2013.04.16 12:37:24 | 000,116,224 | ---- | C] () -- C:\Windows\SysNative\ff_liba52.dll [2013.04.16 12:35:04 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll.new [2013.04.16 12:35:04 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll [2013.04.16 12:33:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.new [2013.04.16 12:33:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2013.04.16 12:33:32 | 003,501,568 | ---- | C] () -- C:\Windows\SysWow64\ffdshow.ax.new [2013.04.16 12:33:32 | 003,501,568 | ---- | C] () -- C:\Windows\SysWow64\ffdshow.ax [2013.04.16 12:32:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll.new [2013.04.16 12:32:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2013.04.16 12:32:24 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll.new [2013.04.16 12:32:24 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2013.04.16 12:32:18 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll.new [2013.04.16 12:32:18 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2013.04.16 12:32:16 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll.new [2013.04.16 12:32:16 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2013.04.16 12:32:16 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll.new [2013.04.16 12:32:16 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2013.04.16 12:32:14 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll.new [2013.04.16 12:32:14 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2013.04.16 12:32:14 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll.new [2013.04.16 12:32:14 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2013.04.16 12:32:10 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll.new [2013.04.16 12:32:10 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2013.04.15 22:02:19 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk [2013.04.15 15:28:59 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2013.04.15 15:28:59 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013.04.14 21:05:51 | 182,522,087 | ---- | C] () -- C:\Users\ms\Desktop\LINTELOO_Brochure_2012.pdf [2013.04.14 03:04:45 | 005,499,558 | ---- | C] () -- C:\Users\ms\Desktop\FUSION_DE.pdf [2013.04.13 14:24:16 | 000,421,600 | ---- | C] () -- C:\Windows\SysNative\swscale-lav-2.dll [2013.04.13 14:24:14 | 007,977,200 | ---- | C] () -- C:\Windows\SysNative\avcodec-lav-55.dll [2013.04.13 14:24:14 | 001,245,920 | ---- | C] () -- C:\Windows\SysNative\avformat-lav-55.dll [2013.04.13 14:24:14 | 000,289,008 | ---- | C] () -- C:\Windows\SysNative\avutil-lav-52.dll [2013.04.13 14:24:14 | 000,202,648 | ---- | C] () -- C:\Windows\SysNative\avfilter-lav-3.dll [2013.04.13 14:24:14 | 000,194,016 | ---- | C] () -- C:\Windows\SysNative\avresample-lav-1.dll [2013.04.13 14:23:50 | 007,788,672 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-55.dll [2013.04.13 14:23:50 | 001,300,152 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-55.dll [2013.04.13 14:23:50 | 000,400,592 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2013.04.13 14:23:50 | 000,272,192 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll [2013.04.13 14:23:50 | 000,194,632 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll [2013.04.13 14:23:50 | 000,172,728 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll [2013.04.12 17:57:15 | 000,549,804 | ---- | C] () -- C:\Users\ms\Desktop\sw-broschüre_2011-9_web.pdf [2013.04.10 15:44:49 | 000,098,169 | ---- | C] () -- C:\Users\ms\Desktop\Korr.pdf [2013.04.05 03:02:47 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.04.05 03:02:45 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.04.02 03:58:40 | 000,001,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2013.04.02 03:58:36 | 000,001,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2013.03.28 16:40:44 | 000,531,573 | ---- | C] () -- C:\Users\ms\Desktop\ThienelFehlerkalküldieI.xps [2013.03.28 16:39:20 | 000,314,751 | ---- | C] () -- C:\Users\ms\Desktop\KolonovitsFehlerkalkül.xps [2013.03.28 16:36:02 | 000,305,899 | ---- | C] () -- C:\Users\ms\Desktop\MayerFehlerkalkül.xps [2013.03.28 16:34:30 | 000,241,232 | ---- | C] () -- C:\Users\ms\Desktop\ThienelFehlerkalkül.xps [2013.03.27 20:27:51 | 000,002,851 | ---- | C] () -- C:\Users\ms\Desktop\Scannen BITTE.PNG [2013.03.27 17:36:06 | 000,096,149 | ---- | C] () -- C:\Users\ms\Desktop\Kelsens Fehlerkalkül-Theory.pdf [2012.12.19 23:52:54 | 000,000,581 | ---- | C] () -- C:\Users\ms\AppData\Local\cookies.ini [2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini.new [2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini [2012.04.21 02:53:10 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2012.04.21 00:54:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.04.21 00:47:47 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2012.03.20 03:15:26 | 013,184,512 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2012.03.20 03:15:26 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012.03.20 03:15:26 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012.03.20 03:15:26 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.03.20 03:15:26 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.03.20 03:15:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012.03.20 03:15:26 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.03.20 03:15:26 | 000,056,476 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat [2012.03.20 03:15:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat [2012.03.20 03:15:25 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.02.03 17:05:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2012.02.03 17:05:40 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll.new [2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll [2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll.new [2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll.new [2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll.new [2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll.new [2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe.new [2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe [2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll.new [2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe.new [2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe [2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe.new [2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe [2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll.new [2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll.new [2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2011.06.24 05:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll.new [2011.06.24 05:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.06.24 05:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll.new [2011.06.24 05:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.03.08 16:58:29 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\calibre [2012.12.20 00:55:23 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\Canneverbe Limited [2013.02.06 19:01:34 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\com.essexreddevelopment.mergepdfmac [2012.09.05 19:44:12 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\iolo [2013.04.04 22:41:11 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\RavensburgerTipToi [2012.09.05 10:11:15 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\Sony [2012.09.06 22:04:55 | 000,000,000 | ---D | M] -- C:\Users\ms\AppData\Roaming\Windows Live Writer ========== Purity Check ========== < End of report > 3. GMER Dabei hatte ich folgendes Problem: die Dateien C:/windows/system32/config/system und C:/users/ms/ntuser.dd konnten nicht geprüft werden, da "der Prozess nicht auf die Datei zugreift, da sie von einem anderen Prozess verwendet wird. Ich habe aber anordnungsgemäß alle Anwendungen vor dem Scan beendet. Die Logdatei lautet: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-21 20:31:19
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE3O 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\MSC~1\AppData\Local\Temp\fwldqpob.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files\Sony\VAIO Care\listener.exe[7888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dc1465 2 bytes [DC, 75]
.text C:\Program Files\Sony\VAIO Care\listener.exe[7888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dc14bb 2 bytes [DC, 75]
.text ... * 2
.text C:\Users\msl\Desktop\gmer_2.1.19163.exe[6960] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dc1465 2 bytes [DC, 75]
.text C:\Users\ms\Desktop\gmer_2.1.19163.exe[6960] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dc14bb 2 bytes [DC, 75]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\spoolsv.exe [1648:3868] 000007fef63910c8
Thread C:\Windows\System32\spoolsv.exe [1648:3872] 000007fef6196144
Thread C:\Windows\System32\spoolsv.exe [1648:3876] 000007fef6145fd0
Thread C:\Windows\System32\spoolsv.exe [1648:3880] 000007fef62c3438
Thread C:\Windows\System32\spoolsv.exe [1648:3884] 000007fef61463ec
Thread C:\Windows\System32\spoolsv.exe [1648:3892] 000007fef6385e5c
Thread C:\Windows\System32\spoolsv.exe [1648:3896] 000007fef61c5074
Thread C:\Windows\system32\wbem\wmiprvse.exe [3292:3400] 0000000074881dbc
Thread C:\Windows\system32\taskhost.exe [3348:2168] 000007fef5842740
Thread C:\Windows\system32\taskhost.exe [3348:2272] 000007fef9eb1f38
Thread C:\Windows\system32\taskhost.exe [3348:3504] 000007fefaf71010
Thread C:\Windows\system32\taskhost.exe [3348:4748] 000007fef5ec5170
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Mir sagen die Scanergebnisse ja leider nichts, mir ist nur bei der OTL-Logdatei aufgefallen, dass auch "searchnu" vorkommt. Searchnu hab ich ja im Februar - wie ich glaubte erfolgreich - bekämpft. Kann mir jemand helfen und sagen, ob ich irgendwelche Schritte ergreifen muss? Vielen herzlichen Dank im Voraus! MS. |
|
24.04.2013, 11:29
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Yahoo.com plötzlich als Startseite Hallo,
__________________JRT und adwCleaner sollten das eigentlich wieder packen, bitte beide Tools neu runterladen vorher JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ |
|
24.04.2013, 16:25
| #3 |
| | Yahoo.com plötzlich als Startseite Hallo cosinus,
__________________vielen herzlichen Dank dafür, dass du mir wieder hilfst! Hier die Logdateien (in zwei Posts, weil sonst zu lange): 1. JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.9 (04.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by ms on 24.04.2013 at 16:25:33,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] application updater
Successfully deleted: [Service] application updater
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchsettings
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\search settings
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\ms\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Program Files (x86)\application updater"
Failed to delete: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0198D913-E9DC-4D53-8786-40424BBAC35D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{039D9A9F-7B7B-4237-87F7-8C94FADDCE7C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0422DE62-8AE9-4629-B67F-C20C4109DFFE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{05BAFAAC-D85F-431A-AABF-F809FBA6C6C1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0611A9AA-E6D2-4EA7-B54E-A6267DA739C8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{06414E75-5AF5-4F5C-9EF2-347DC59A667E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{084B5109-3D1A-4112-B520-F58182F0D6F1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{087F8ACA-3A3E-4E28-BA40-F642D1EBB32E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{094EF4A8-4580-43CE-94CA-2F94AB414519}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{09A90465-E400-4B39-9B8E-97C35A5DDAE5}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0A15E939-6AED-426D-B459-FD67A0B58208}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0CE71BCE-B8A6-4EF1-BCF3-1721F10CD4B2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0CF87F14-7160-46EB-9EC6-02CC8C094E77}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0E132C0B-61C6-41A5-83F5-398DE9E1F9A4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0E883D71-4F61-4C5C-96E3-687231031EA9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0EDE1655-81F5-4833-A1CC-77B14746F18E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0F82E136-0D30-4819-8FDE-F28F870831B2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0FA747D8-490E-4690-BA4A-F27AD72EDAF1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{0FDAFE67-91B9-4AA4-9D3C-6975CA43D219}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{10703A8E-20A6-43DD-9BB9-99CC359434DC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1073B1D7-6E3F-4D44-B236-243056C6C24E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{10E18410-E7AF-46AB-8C2D-00DC7951A235}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{10F0A154-01BB-4171-946E-35A970F40F73}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{11CB20F4-7DFC-4090-9E52-B898AD6FBF61}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{12DF7C96-28BF-4CAB-8681-E255030708A0}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{14105D33-2225-41B5-B6C8-907251E81995}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{155AA191-4DE3-4ADC-9035-E1C02DB4BCE5}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{15CA877D-B7D6-4EEC-AD51-B47313814941}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{16882CA1-1F39-44CD-ADE3-0C31B55F70BC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{17C06D60-053F-4C51-BA46-54B6C3B90FC4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{19C2902E-9EE1-47CF-893C-D6F5D9E22292}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{19F035A7-5651-471C-939B-51361E0D5059}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1A756778-B15B-4DCB-BF2F-5C2CD5276138}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1A7B6E8E-8393-4C4D-AD7D-E6C7AC429536}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1A9F1366-60B7-47B0-84CB-98A9467F60D6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1AB79264-62A1-43D8-9870-5E252DBDE2E2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1B739E34-9732-4498-A85B-82352FF00065}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1C1687E3-46E3-4377-B2EE-97B35031D8DF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1CE80F74-A1B3-4F17-8647-BBCB397ECC1B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1DBD5BC5-B02E-4F48-A505-9452FCC02218}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1F43F77E-51D0-4704-A619-AA0955DDDA86}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1F816B61-96DD-4F33-B54A-E2C0C5A4664A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{1FEA442E-EB25-48F0-AAC9-70B55A8A4C04}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2246EEC0-CA7A-4533-A76C-081C4380AC9A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2270CE68-D24C-4293-ADB9-24DD07384F08}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{233D26DE-94A3-4FE5-90EB-A77E5400CAEE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2369C75F-BD59-48AD-B359-DFCC8DD97F45}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{236C0FD9-16A8-4692-956A-89A8399C35C8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{23A0696E-C2F9-4181-B4F4-EDF92B8A1F3C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{243F5779-A463-4DB9-AEE0-AA865340F3A2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2681D495-9C11-4796-9FA0-A6D984D03895}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{270A7466-5244-42A5-A9C9-B4945C649CBB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{29300769-C13E-4C07-9466-C4F253652F0F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{299D3ADB-B1C6-455D-BD7F-4AA681031B59}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2A2B282D-9321-4FD6-8960-9E2012A078FB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2A3D06C4-A9F7-487B-975C-C580C084F285}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2A7CC5B8-E970-4BCA-AB50-F6EA5884D4AA}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2BA8C2AE-6160-4266-B756-F076EADCBABE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2D93D997-D69A-4A4E-870E-EAF992955164}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{2F3A64DC-B29D-45DA-BDD4-E68734395C4E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{30194487-8847-4B59-9E3F-C7F73260045C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{308EC441-63B8-4156-ADEB-D5C96F1A3B4E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{309AE3F8-5EC4-477C-8758-92273BF3B976}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3335BB8A-8106-459C-A551-E97DF0E99330}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{343BA6B0-8797-48C4-9318-486A8BE13B17}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{348B0330-8E41-4F7A-AA26-DE3DE4DDB29B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{34A99710-9DCA-4CBF-94CE-DBCF0A16EEA3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{355F7943-1896-480C-820A-220882713CCF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3647FD93-2218-416F-BF91-A58AF8C8E318}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{369623D4-8ADA-4A08-95F9-F77B748C0924}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{380D5CEB-9DC5-48B8-B854-A7AD7BEBF04D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{38B72B5E-6EB7-43C6-9FBE-E9E585E85918}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3A1E7247-C687-441C-9F8B-32B8163B7409}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3B21A904-10C6-438F-AB7F-45FA82B369A2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3DFA41DC-8920-402D-A6AF-2D061C54650E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3F0BAE25-7B96-4CF6-BC2A-D36BE337DC9D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3F3BF641-9A4D-4DAB-B9D4-13EECC05AAE9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{3FD2F982-6809-4781-95F1-66099709DBC1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{417757DE-783C-450B-972F-0EC0BD16B48C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{41F4EB2D-372B-4BAE-9F0A-48FC735E4096}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{42B87574-D1B0-4F4A-A588-6101CD5E1D17}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{43EF3EF2-1B95-4C9D-981A-C08ED746468A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{453E7B29-F69D-4030-B6D4-57C31F7189E9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{45522ACF-482E-44A0-8916-25038B009F81}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{458BE287-CE4F-47F9-B00B-46621FB70870}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{46262ECD-7E13-4FCE-834F-3558AF360D09}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4635EDD7-C85E-4B6F-A5FF-7D197C93B91D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4657C9A5-23DC-4129-B5EF-DFA5B10607D5}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4688BB92-6B7A-4907-A16C-D50495D2883A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4745B5BB-9A31-4AAB-B025-6DCA793C7884}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{47E750F3-F489-4F91-9714-BA1B0C976B01}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{49E0F17E-E431-4FF0-BFF7-954A5E0DE62D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4B5D4C44-6448-45BC-AE01-7D74722E8662}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4B70AFE9-B49E-4CF3-8813-7B3E4B03735D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4C25909E-056B-4F06-8F69-2B4F96FDA526}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4CB957D8-55F6-4B2D-B1E3-9C3DEE7E1E68}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4D710213-BDDD-4E64-813F-0735DACCF381}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4D912A08-C9EF-4574-82B7-E21216DD0A13}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4DAF4DC3-B567-4DD8-9DE8-D59A9D16F839}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4E6450D6-3260-4604-9B24-8FCDEBA0A31D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{4EC8599E-1492-4DAB-82D3-C80D9D7A251D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{50610ADE-C38B-4830-B242-90EDCD3E1E90}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{52620036-0ABC-4132-88B9-6616B19A00D8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{53864076-523D-453B-810C-DF6DA195AD63}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{54147F05-2BDA-4665-A7E9-899032076EEB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{54C1E2D4-D539-43B1-9C20-96AAE3BEC01F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{556AA37E-6689-438B-B371-7C76499DB7A6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{55C08DA8-7BB0-4330-8403-29ACE1D424B4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{567BAD34-219B-40D9-8968-5E1FE40139CA}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{56AD2FA0-04D3-4926-873B-8206F9971E9C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{56F96588-C09D-4A5E-B13F-2CD9E84E97FF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{56F9850B-DF9D-4470-86EE-E93C5B5990A6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{571FEFAA-A762-45B3-9C46-0DDAFF38949A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{575290F0-2C27-4F2F-B532-6394BA6F2FD6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{57654A19-F9EF-4C0F-B7F0-4D1D4AD8989C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{585F8DBA-0944-4BD9-8A33-37ADA361A508}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{58A687F7-3F53-4763-9E77-3683C5734450}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{593B463C-4853-4113-9D89-F5EF33D22DB8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5A738688-B5E6-471E-974F-54DDFA44A471}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5B351CC4-4813-492B-8032-5844B2E02DBD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5BA430F8-DECC-4252-BB66-1916B01D6A7D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5C51C582-325D-4E5D-A487-2397EE56027B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5CFBA980-FE38-4559-9187-F86729BFEB8C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5D0783F4-1411-45D6-B850-657F5AED062C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5ECC7ECD-A7CA-424A-8AC1-433C4A27B775}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{5EE10DD4-7DBF-4760-A81A-7F1020BBA41B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{60E6538B-8665-4B61-99A2-AFC63FD22A30}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6106E0C9-8172-45B8-BB6D-1A41CC5374EE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{61488230-0C81-498E-9709-A5443E6F8154}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{61E014B7-9420-482E-A49B-B2FCA9A6C0CF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6251EE27-0546-49F9-B595-11123F0F2C19}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{643D476A-2603-4630-8A89-A4047578BC2A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{643EB6D2-4B3C-43EB-8543-102B5825717E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{646062CE-0F74-4999-8581-53EEB08A08C3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{64E8A3F9-3430-4A5F-8642-6874BEE982D2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{66C7E1A3-6CCF-4731-91D9-2BC75C649620}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6865926E-6D76-4CA4-90E0-CF38B6140DF8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{68F601CC-6F91-4099-84EC-E24460E42F6F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{68F6A860-43DD-4C1D-B3D5-CB2770745DB1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{69B3A8B4-EC23-4A92-ABAB-50723BF52154}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{69F4E5DD-4A64-488E-BA10-6C835EC109FD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6A6E9EDF-423A-40D7-9217-ACE8BE1C7038}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6BEB655A-1CBA-4525-B30B-5BFD4AAD9D24}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6D3B37B7-6552-42D5-81DA-544986A69077}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6DEE87C7-B460-475D-B151-5747E22DBDDD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6E323C4A-D4FE-4B79-A019-67EE2B4C20FE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6E980987-7FD6-4D45-A165-F7DB213957B9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6E9F3155-34DC-4799-9E14-10F5251AD431}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6F13C054-6BD7-4E6C-8842-76AECEC3ED58}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{6FCC3B59-2EBE-45B4-B653-B7CD71A3CD74}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{70C221EC-1BBB-4CC0-A7EB-FACE8EAF57E2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{721818C7-AF9C-415B-9452-F90D31CAB360}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{721E0DE7-4E4F-4034-91A5-DFD1363253CB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{72DB0DC9-AF28-4DAC-AFE7-D0651D7682CD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{73A709E1-7241-4FF9-B88B-5A9623FBF7C6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{744BC8B4-E9D5-43B3-8819-4797CDEE67BC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{74DD3473-708B-498B-BE97-70EEC98C70E1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{74F4AF4A-D48C-4BAD-9240-5D27BE58DA58}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{75B65375-3266-4CA4-843A-CFA76D192BC7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7607D7C9-56DD-47D7-A6D8-4525AA7899EA}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{761EE486-BA54-4E19-B0CA-AC8879DA38F3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{777F83ED-A870-4669-A337-A16008A240E7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{77A23CB1-BFE0-4783-A520-C87CF759CE8B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{794323EC-E37A-4C9F-A11D-DD29A55FFE2E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7945B090-CCED-4F49-A81A-096A2EFD37B4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{798A93ED-389B-4B0A-8188-D7572309B131}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7A92C333-036F-43C9-AA8C-385B6409AD86}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7BE47371-B19E-4F6A-8389-54AC07D6A557}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7C50B6BD-DEF3-4B83-9DE4-40BC7684F30E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7D057D74-4FF6-454B-A1F8-FF891246D644}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7E667C96-F442-434E-9CC9-4D6E6395A355}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7E8271A0-E8FB-4EE7-A8C2-DEEC750AEF57}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7EF16127-9E6B-4AE9-A3C0-C514C3044C7A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7F8DC289-0730-45D2-8908-540C88F68908}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{7FB15CE2-BBAA-4944-AD56-81E5E6115D67}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{80902CDE-557E-4B47-80C7-F4E94F05D3B8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{829093C5-BFDD-4AF5-AA76-BA3D67CDAFA4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{82BDA925-FD7B-4F7D-91E1-0E81E071B9FC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{84F1CB72-1C60-4441-BD10-B2003F3017CF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8540EB9A-7178-402E-82A2-C43A3DFD1C1A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{85A0724F-788F-4EA5-BA8A-0C78241CB6C2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{860DE5D2-00CF-4D04-A080-17FDC29EE8D7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8691EB08-BB93-48CE-9348-35BDD932DE7E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{86CECA9F-4B71-47F8-9AA6-FC1FCD7A2204}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{871B6E1A-1161-4583-AD7E-632D8AFA2464}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{87CCF9FD-A000-4D51-AA9E-40CB9C7FA3DE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{87E6E342-D7A5-4375-B29B-072F1211AD8E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8850A970-F63A-4E69-BC7E-53D4C8B416A3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8AD24DF9-3C47-453D-B3C3-E460368734EF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8B98EC1C-8700-4C14-98D1-4C81B276D23F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8B9B1632-A84D-4E48-8009-C4F8D7FE2BAE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8CBD1B59-5B44-49AC-BD74-12E9B2B56EBC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8EAE55E2-8308-4792-A235-2189452F315B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8EF4516B-29C7-405E-9F6E-C9D8FC7E53C6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8F80D12A-FD6D-4D74-BB1A-1AA5B49458C0}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{8FEC792B-0559-42C2-98F9-1F0E2F13F0DE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9064B4FD-4824-45FC-A79B-61C1E6C23747}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{90897553-729B-4C37-BAD0-141EC3E0143B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{90D31AFF-9E19-45AC-A336-FEEADCF64F48}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9144917B-A855-4B60-8BDB-97D2568E9614}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{92B5EA1D-9073-4D06-AA68-2D2C5292CB0B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{92B7B8C5-C974-4943-9A8C-108B8989400C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{93950EA7-A069-4D24-B56D-6B87CD568FAF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{96141613-E934-439D-A423-117730863576}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9695918B-E523-4278-834A-E43D6DBCC0CF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{96CD6F34-65CE-4188-B504-BBE3784B551F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9862D466-E276-4E01-810E-BCB464182FEF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{998AAA29-6EB4-45CA-A8CB-72F2FFAA5979}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{99F0A1B1-2412-4E61-B6B9-7A2A68310F63}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9A5C106A-7D03-4C27-892D-BE38E394F443}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9A6B2AB6-4501-43F0-8524-F098028220A4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9B2B1893-690B-4A1B-A1F6-6396DE18A72F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9B415C8E-062B-400F-B118-8DE2C4236C7C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9B5A3025-7BB4-46EC-92E1-1AAF01EA72EB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9B88787A-9E62-4CD0-9E9D-2B0004B497F4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9C8E635F-8493-44D3-9DBB-FE1B9BF14663}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9DB86CFE-0DA4-48CB-AF0B-23BF75644C74}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9E0DD8E2-A33F-4DC4-9C0E-09C23160888B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{9E65C2C8-0021-441D-8857-614A2B70BE66}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A00CC961-18B1-411F-8280-6DA50597649B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A0FB4E95-A9AC-49F6-8A7D-B250EA9A6B70}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A1312E56-9803-4FF0-85E4-CBA2820FA345}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A1D96A2D-2D86-494A-A871-232E38D007B8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A3970BFC-7248-46BE-A41C-42394F72D6DA}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A52F443F-0945-4D60-9ED7-42552450D02C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A605DDB6-2D03-4392-86ED-9EB5B2B6E5C8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A885DBD9-3340-4CD0-A8D0-18C7552EA533}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{A8B263A3-AA78-41E9-A978-BD6D84602E51}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AAC08F90-568F-45FB-B92D-57F73F019959}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AB66DCEF-B17A-426E-B7D6-DC1611732D06}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AB6B85FF-3A71-4318-85F4-5B6B58108464}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{ACD2C858-87FE-4A8F-860A-ECA6D4DCBF71}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AD07962C-3BEC-4DAE-B2AF-846FC6ABD032}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AE5FD8F2-65C7-4020-9451-AE107D762808}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{AF3D4C96-D115-4344-AEE2-CC67E47B344D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B09EAF4F-2976-423E-8A70-21934E9D6F9F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B0F5B19C-F3A6-4702-9597-73579A350171}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B1E73B66-D6B0-47A4-910F-1AD06E0E2330}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B1FDF897-78C8-42FD-B16D-36EB7F104AA9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B2B45D76-56C8-4AC0-AAE9-3D93214B2874}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B2D744EA-0A47-40A5-8C20-C5D935CCCCBB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B2E5BCFA-104A-49AD-8EF4-D7E6B6B3208D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B39AA8B6-AB56-4A6E-8B36-B7C53D6B81D6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B40D3C9F-4B2E-4E28-877D-EBDBA6508F61}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B4A5FCDF-EDC9-4561-99C9-CCB03839AF9C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B5237EAB-BFFF-492E-AF49-3BF51B1621E7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B526E8FA-7E20-4E30-8205-A10FC72D9660}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B5C5F40B-7561-4F94-A8F7-14E4D907DDC9}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B5F6A9BD-566A-43F8-9B79-AF61F2B7437D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B79A9384-90B3-4AC6-B414-1AE26946A8FF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B83D0838-8248-424D-8B06-85F546269F0C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{B9968B45-1486-4AF0-BC8B-A927A2FDA564}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BB2E506C-A67B-4D7C-AD45-2E3240CAE100}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BB3A9864-1C3A-492B-A6D0-09A6CE2DEB78}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BB8F364B-2858-487E-AE22-72E1A5D584BF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BC902370-4D3B-49E8-87DB-F122E4CDC81E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BC9B8998-C9B1-4C79-B644-32ABFFE43C34}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{BEA702CF-9C3F-4B28-B6FC-76B310584FA6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C095A0A9-B49C-4674-8166-56C920A0CB2C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C21D0591-61AA-4E07-8315-F32567A4D985}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C2BB8D52-EF69-4B8E-9B52-C89253B1600A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C385DDBE-BD6D-4571-98A6-9322BA7CD9FB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C3AD283B-7803-4E6A-9248-D9A4D57241DF}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C4D656E8-7BAA-4D79-8F64-8707E583B07B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C536DCAF-0DF2-473B-9C54-2C206556BE6A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C71A5DB3-EF10-49F1-B37B-FCA1AB086D7B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C73611F5-8418-4492-A6EA-A09F98493173}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C7808D20-B593-4EE3-9CCA-4195D9098E68}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{C8B362C7-8A29-4F49-8FB8-AF98D8530772}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CA1A0A45-0D16-440A-AB24-7709B66A03B0}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CA852499-31B6-468C-BA3C-35F104311F81}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CAF9D96D-1AC0-499D-9E5F-B45082F956C2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CB7A9ED8-589E-4F26-A241-EAC5E532EBF0}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CC55E4D1-CFE6-46C4-BFB6-6B4438E95973}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CCAE7BB3-5C0F-449F-B99D-C81948A7BB77}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CD14E3CA-5E6B-4F26-8BEE-393CF9570610}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CDB4B7FB-8A9D-4984-82D7-2BE21E62FBC8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{CF7294ED-17A3-4828-91FE-FF259E19DFA6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D0EBCE5A-3008-4277-88D7-5A2CFA9754A4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D143F178-306B-475E-BFBD-859A76571CAB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D1546233-A5AD-4EFE-8FFF-4BC20B883221}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D1670C02-99B1-4C3D-9D76-9BE83AE3F695}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D2BDE7B3-05A1-457D-8230-DBB6C398A9DC}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D3760404-F6F5-46B9-B443-9F57C9631344}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D3D721FB-5EF2-4CE3-AF2D-FE3E25F6CBFE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D51E86F0-5186-468E-A311-79B8A234447E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{D59B0369-64E2-4D5A-BEA7-BB4838A241F4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DA58993E-8EDB-454F-8C66-6CF20895084E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DACE2683-43DA-45BF-BC2C-C2AD53B669E3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DAD02B29-5AB8-4A51-B603-A5A0EB43D715}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DBD191C1-C07C-4FD3-BFA9-B79219442342}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DBF4CB2C-60DD-4C0B-8FBF-FA2C7C9EFEBE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DC08ABDC-AF80-49D3-80D1-30610570A4FB}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DC98D6B7-D256-464B-B0A3-F952AA1F4363}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DD82EF7D-90BB-418C-A140-A9A866941749}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{DDB42A3F-ECC1-4C96-B70A-5718D90C198A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E0463C6E-8186-43C9-BAEF-8809B2FFFAFE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E112E3AC-8722-485B-93C1-CDBBD169CA90}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E34B9074-C780-45A3-BBDB-E94D8175484D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E35933A4-1626-4A57-B96F-59BE3913DBC3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E5A025F6-D1B3-4123-8A4B-5D24B27965FD}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E5B39437-7270-4BA6-92F0-B30D1874E61A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E7ED7B42-8DB6-405A-936A-1F21E2A4D08D}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{E8388610-8D7C-4FA0-A28C-0E96D7074F1C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EA0BF275-1BE8-4D62-AF65-7D84A4E9204F}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EA6F66D8-2AF6-4508-B3EC-64020C7903AE}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EB5A4FA7-FC5B-440D-A6E3-C0DFE8C11D57}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EB68A377-F632-4633-906B-F34BC215BCD1}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EB8678CE-55EA-4A96-98F1-AA3ADDD1DBE8}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EBC8F90F-BC7F-414A-A350-84460B1B76E4}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{ECC18153-223E-4F8F-8259-89DBC0398A8C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EDF7E9CD-133E-4EF4-92E7-228D69C4B9D7}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EEB5C2A4-FD3C-461E-B1E7-DF2809FC9D0E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EED8BA70-8138-4363-8757-D29435B2009C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EF252D3D-4F01-4A04-9909-9C7421D639A2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{EF818E2B-AAF4-4124-864D-FC522A60955A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F113D162-80A5-4632-9347-402264A20D66}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F1200D5B-EB6C-45BF-8E7C-04DB36574B32}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F221CE94-1A83-457A-96E8-4C66D7A1249C}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F26979EB-7A34-4972-BAF1-A661CA3696D5}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F277A191-3CCA-4CC5-BF2B-F4CEA3B23770}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F41B1416-E92E-403F-A24E-D6BC09A60C1A}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F49EE57B-0A1F-493B-99BE-04AA7D2007C6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F4A94BA8-3AD5-48FC-BE2F-ED79CC1FE94E}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F634E329-CEC8-4DE3-BD79-886677FA3549}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F66E72AF-A7BC-4B88-8FF7-196F82475EC3}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F7678C03-E3D9-4FDC-8EA7-55420302131B}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{F900D242-1C0F-4124-93AA-1852B914C895}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FB9B7B56-0DD2-4A6C-98C7-89F1CAAE6D15}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FBB93FCD-24F5-402D-987A-D54551C3F049}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FBEFECE2-BFE6-41E6-855B-52D547EB97B2}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FDCB6667-E597-48A8-994E-BA7EB46D5C05}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FE576015-FDDD-4B39-911E-268344BC11D6}
Successfully deleted: [Empty Folder] C:\Users\ms\appdata\local\{FF1AA0FA-207B-49CA-B760-1B459C0512FE}
~~~ FireFox
Successfully deleted: [Folder] C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\jetpack
Emptied folder: C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\minidumps [117 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.04.2013 at 16:29:31,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter # AdwCleaner v2.202 - Datei am 24/04/2013 um 16:57:37 erstellt
# Aktualisiert am 23/04/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : ms - BOERTA
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\ms\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Program Files (x86)\Common Files\spigot
Ordner Gelöscht : C:\Users\ms\AppData\Roaming\Mozilla\Firefox\Profiles\k6cyhvxy.default\jetpack
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\Search Settings
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\ms\AppData\Roaming\Mozilla\Firefox\Profiles\k6cyhvxy.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v26.0.1410.64
Datei : C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1402 octets] - [24/04/2013 16:57:37]
########## EOF - C:\AdwCleaner[S1].txt - [1462 octets] ##########
Fortsetzung folgt... Hier der zweite Teil.... 3. OLT OLT.exe: Code:
ATTFilter OTL logfile created on: 24.04.2013 17:04:13 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ms\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 50,37% Memory free 7,79 Gb Paging File | 5,48 Gb Available in Paging File | 70,27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 446,27 Gb Total Space | 364,12 Gb Free Space | 81,59% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: BOERTA | User Name: ms | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\ms\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe () PRC - C:\Windows\SysWOW64\C2MP\TrayMenu.exe () PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\Program Files (x86)\SafeConnect\scManager.sys (Impulse Point, LLC) PRC - C:\Program Files (x86)\SafeConnect\scClient.exe (Impulse Point, LLC) PRC - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation) PRC - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe () PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe () MOD - C:\Windows\SysWOW64\C2MP\TrayMenu.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe () MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll () MOD - C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (SCManager) -- C:\Program Files (x86)\SafeConnect\scManager.sys (Impulse Point, LLC) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (Sony SCSI Helper Service) -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (PMBDeviceInfoProvider) -- c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (BTHSSecurityMgr) -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (AMPPALR3) -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe () SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (AdobeActiveFileMonitor10.0) -- c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (rimssne) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation) DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation) DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation) DRV:64bit: - (risdsnxc) -- C:\Windows\SysNative\drivers\risdsnxc64.sys (REDC) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation) DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data] IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.at/ IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\..\URLSearchHook: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.) IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\..\SearchScopes\{10495EC9-E2A8-4A7B-BFB7-EC629A0B7492}: "URL" = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms} IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\..\SearchScopes\{9E29CBE5-5219-48EB-B28E-1F3B5F806E73}: "URL" = hxxp://rover.ebay.com/rover/1/5221-29898-16445-29/4?mpre=hxxp://shop.ebay.at/?oemInLn=ieSrch-Q212&_nkw={searchTerms} IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-888597308-3932801771-4181189287-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=888596" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://google.at" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=888596&p=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 15:34:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 15:34:06 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 15:34:31 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 15:34:06 | 000,000,000 | ---D | M] [2013.03.05 02:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\Extensions [2013.04.21 19:45:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\Firefox\Profiles\k6cyhvxy.default\extensions [2013.04.12 15:46:41 | 000,783,286 | ---- | M] () (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\extensions\ext@sprng.me.xpi [2013.04.15 15:22:47 | 000,215,824 | ---- | M] () (No name found) -- C:\Users\ms\AppData\Roaming\mozilla\firefox\profiles\k6cyhvxy.default\extensions\pinterest-addon@felixfung.ca.xpi [2013.04.12 15:34:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.12 15:34:31 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.02.25 06:55:08 | 000,171,584 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013.02.16 06:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.02.16 06:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.02.16 06:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.02.16 06:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.02.16 06:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.02.16 06:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.searchnu.com/406 CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.searchnu.com/406 CHR - homepage: hxxp://search.yahoo.com?type=888596&fr=spigot-yhp-ch CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\ms\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll File not found O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\7.0\searchmeToolbarIE.dll (Spigot, Inc.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe () O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{031A699D-83FF-4904-B4E9-F5BF3A28E095}: DhcpNameServer = 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{557CD5E5-D88D-44B9-B8A7-F81704059BAB}: DhcpNameServer = 10.100.58.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.24 16:23:21 | 000,535,764 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\ms\Desktop\JRT.exe [2013.04.21 20:05:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ms\Desktop\OTL.exe [2013.04.21 18:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchMe Toolbar [2013.04.15 16:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2013.04.15 15:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2013.04.15 15:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2013.04.14 03:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.04.13 14:24:54 | 001,515,520 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax [2013.04.13 14:24:48 | 000,364,720 | ---- | C] (Intel Corp.) -- C:\Windows\SysNative\IntelQuickSyncDecoder.dll [2013.04.13 14:24:40 | 000,509,952 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax [2013.04.13 14:24:36 | 000,272,384 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax [2013.04.13 14:23:50 | 001,185,456 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax [2013.04.13 14:23:50 | 000,424,624 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax [2013.04.13 14:23:50 | 000,284,336 | ---- | C] (Intel Corp.) -- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll [2013.04.13 14:23:50 | 000,244,400 | ---- | C] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax [2013.04.12 15:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.04.10 03:01:16 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.04.10 03:01:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.04.10 03:01:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.04.10 03:01:14 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.04.10 03:01:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.04.10 03:01:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.04.10 03:01:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.04.10 03:01:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.04.10 03:01:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.04.10 03:01:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.04.10 03:01:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.04.10 03:01:13 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.04.10 03:01:11 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.04.10 03:01:11 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.04.10 03:01:10 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.04.10 02:18:08 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.04.10 02:18:08 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.04.10 02:18:07 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013.04.10 02:18:07 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013.04.10 02:18:07 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013.04.10 02:18:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013.04.10 02:14:59 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.04.10 02:14:58 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.04.10 02:14:57 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.04.10 02:14:57 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013.04.10 02:14:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.04.10 02:14:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013.04.05 03:02:49 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.04.05 03:02:49 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.04.05 03:02:49 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.04.05 03:02:49 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.04.05 03:02:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.04.05 03:02:49 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.04.05 03:02:48 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.04.05 03:02:48 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.04.05 03:02:48 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.04.05 03:02:48 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.04.05 03:02:48 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.04.05 03:02:48 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.04.05 03:02:48 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.04.05 03:02:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.04.05 03:02:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.04.05 03:02:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.04.05 03:02:48 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.04.05 03:02:47 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.04.05 03:02:47 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.04.05 03:02:47 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.04.05 03:02:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.04.05 03:02:47 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.04.05 03:02:47 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.04.05 03:02:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.04.05 03:02:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.04.05 03:02:45 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.04.05 03:02:45 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.04.05 03:02:45 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.04.05 03:02:45 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.04.05 03:02:45 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.04.05 03:02:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.04.05 03:02:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.04.05 03:02:45 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.04.05 03:02:45 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.04.05 03:02:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.04.05 03:02:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.04.05 03:02:45 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.04.05 03:02:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.04.05 03:02:45 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.04.05 03:02:44 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.04.05 03:02:44 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.04.05 03:02:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.04.05 03:02:44 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.04.05 03:02:44 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.04.05 03:02:44 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.04.05 03:02:44 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.04.05 03:02:44 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.04.05 03:02:44 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.04.05 03:02:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.04.05 03:02:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.04.05 03:02:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.04.05 03:02:44 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.04.05 03:02:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.04.04 22:41:11 | 000,000,000 | ---D | C] -- C:\Users\ms\AppData\Roaming\RavensburgerTipToi [2013.04.02 03:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack [2013.04.02 03:57:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.24 17:07:19 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.24 17:07:19 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.24 17:06:52 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.24 17:06:52 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.24 17:06:52 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.24 17:06:52 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.24 17:06:52 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.24 16:59:46 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.24 16:59:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.24 16:59:28 | 3138,428,928 | -HS- | M] () -- C:\hiberfil.sys [2013.04.24 16:56:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.24 16:55:56 | 000,619,461 | ---- | M] () -- C:\Users\ms\Desktop\adwcleaner.exe [2013.04.24 16:23:21 | 000,535,764 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\ms\Desktop\JRT.exe [2013.04.24 16:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.23 21:29:29 | 001,516,251 | ---- | M] () -- C:\Users\ms\Desktop\AVG Original.pdf [2013.04.22 18:56:52 | 1425,113,545 | ---- | M] () -- C:\Users\ms\Desktop\Game.of.Thrones.S03E04.720p.HDTV.x264-EVOLVE.mkv [2013.04.21 20:22:05 | 000,377,856 | ---- | M] () -- C:\Users\ms\Desktop\gmer_2.1.19163.exe [2013.04.21 20:05:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ms\Desktop\OTL.exe [2013.04.21 19:59:44 | 000,000,000 | ---- | M] () -- C:\Users\ms\defogger_reenable [2013.04.21 19:59:20 | 000,050,477 | ---- | M] () -- C:\Users\ms\Desktop\Defogger.exe [2013.04.21 18:30:02 | 000,001,873 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2013.04.19 00:38:36 | 000,039,904 | ---- | M] () -- C:\Windows\SysWow64\Media Player - Codec Pack Disc handler.exe [2013.04.19 00:38:36 | 000,039,904 | ---- | M] () -- C:\Windows\SysWow64\dischandler.exe [2013.04.16 12:40:36 | 004,012,544 | ---- | M] () -- C:\Windows\SysNative\ffmpeg.dll [2013.04.16 12:39:26 | 000,127,488 | ---- | M] () -- C:\Windows\SysNative\ff_vfw.dll [2013.04.16 12:39:14 | 004,372,992 | ---- | M] () -- C:\Windows\SysNative\ffdshow.ax [2013.04.16 12:38:32 | 000,474,624 | ---- | M] () -- C:\Windows\SysNative\ff_kernelDeint.dll [2013.04.16 12:37:38 | 000,631,296 | ---- | M] () -- C:\Windows\SysNative\TomsMoComp_ff.dll [2013.04.16 12:37:36 | 000,114,688 | ---- | M] () -- C:\Windows\SysNative\ff_wmv9.dll [2013.04.16 12:37:32 | 000,183,296 | ---- | M] () -- C:\Windows\SysNative\ff_unrar.dll [2013.04.16 12:37:30 | 000,156,672 | ---- | M] () -- C:\Windows\SysNative\ff_libmad.dll [2013.04.16 12:37:28 | 001,532,928 | ---- | M] () -- C:\Windows\SysNative\ff_samplerate.dll [2013.04.16 12:37:28 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\ff_libdts.dll [2013.04.16 12:37:24 | 000,190,464 | ---- | M] () -- C:\Windows\SysNative\libmpeg2_ff.dll [2013.04.16 12:37:24 | 000,116,224 | ---- | M] () -- C:\Windows\SysNative\ff_liba52.dll [2013.04.16 12:35:04 | 003,915,776 | ---- | M] () -- C:\Windows\SysWow64\ffmpeg.dll [2013.04.16 12:33:50 | 000,112,640 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll [2013.04.16 12:33:32 | 003,501,568 | ---- | M] () -- C:\Windows\SysWow64\ffdshow.ax [2013.04.16 12:32:28 | 000,157,184 | ---- | M] () -- C:\Windows\SysWow64\ff_unrar.dll [2013.04.16 12:32:24 | 000,271,360 | ---- | M] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2013.04.16 12:32:18 | 000,099,840 | ---- | M] () -- C:\Windows\SysWow64\ff_wmv9.dll [2013.04.16 12:32:16 | 000,211,968 | ---- | M] () -- C:\Windows\SysWow64\ff_libdts.dll [2013.04.16 12:32:16 | 000,147,456 | ---- | M] () -- C:\Windows\SysWow64\ff_libmad.dll [2013.04.16 12:32:14 | 001,525,760 | ---- | M] () -- C:\Windows\SysWow64\ff_samplerate.dll [2013.04.16 12:32:14 | 000,114,688 | ---- | M] () -- C:\Windows\SysWow64\ff_liba52.dll [2013.04.16 12:32:10 | 000,136,704 | ---- | M] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2013.04.15 22:02:19 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk [2013.04.15 16:00:39 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2013.04.15 16:00:39 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013.04.15 15:28:50 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.15 15:28:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.14 21:05:52 | 182,522,087 | ---- | M] () -- C:\Users\ms\Desktop\LINTELOO_Brochure_2012.pdf [2013.04.14 03:04:54 | 005,499,558 | ---- | M] () -- C:\Users\ms\Desktop\FUSION_DE.pdf [2013.04.13 14:24:54 | 001,515,520 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVVideo.ax [2013.04.13 14:24:48 | 000,364,720 | ---- | M] (Intel Corp.) -- C:\Windows\SysNative\IntelQuickSyncDecoder.dll [2013.04.13 14:24:40 | 000,509,952 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVSplitter.ax [2013.04.13 14:24:36 | 000,272,384 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysNative\LAVAudio.ax [2013.04.13 14:24:16 | 000,421,600 | ---- | M] () -- C:\Windows\SysNative\swscale-lav-2.dll [2013.04.13 14:24:14 | 007,977,200 | ---- | M] () -- C:\Windows\SysNative\avcodec-lav-55.dll [2013.04.13 14:24:14 | 001,245,920 | ---- | M] () -- C:\Windows\SysNative\avformat-lav-55.dll [2013.04.13 14:24:14 | 000,289,008 | ---- | M] () -- C:\Windows\SysNative\avutil-lav-52.dll [2013.04.13 14:24:14 | 000,202,648 | ---- | M] () -- C:\Windows\SysNative\avfilter-lav-3.dll [2013.04.13 14:24:14 | 000,194,016 | ---- | M] () -- C:\Windows\SysNative\avresample-lav-1.dll [2013.04.13 14:23:50 | 007,788,672 | ---- | M] () -- C:\Windows\SysWow64\avcodec-lav-55.dll [2013.04.13 14:23:50 | 001,300,152 | ---- | M] () -- C:\Windows\SysWow64\avformat-lav-55.dll [2013.04.13 14:23:50 | 001,185,456 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVVideo.ax [2013.04.13 14:23:50 | 000,424,624 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVSplitter.ax [2013.04.13 14:23:50 | 000,400,592 | ---- | M] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2013.04.13 14:23:50 | 000,284,336 | ---- | M] (Intel Corp.) -- C:\Windows\SysWow64\IntelQuickSyncDecoder.dll [2013.04.13 14:23:50 | 000,272,192 | ---- | M] () -- C:\Windows\SysWow64\avutil-lav-52.dll [2013.04.13 14:23:50 | 000,244,400 | ---- | M] (1f0.de - Hendrik Leppkes) -- C:\Windows\SysWow64\LAVAudio.ax [2013.04.13 14:23:50 | 000,194,632 | ---- | M] () -- C:\Windows\SysWow64\avfilter-lav-3.dll [2013.04.13 14:23:50 | 000,172,728 | ---- | M] () -- C:\Windows\SysWow64\avresample-lav-1.dll [2013.04.12 17:57:18 | 000,549,804 | ---- | M] () -- C:\Users\ms\Desktop\sw-broschüre_2011-9_web.pdf [2013.04.10 15:44:51 | 000,098,169 | ---- | M] () -- C:\Users\ms\Desktop\Korr.pdf [2013.04.10 13:12:30 | 000,445,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.05 03:02:49 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.04.05 03:02:49 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.04.05 03:02:49 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.04.05 03:02:49 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.04.05 03:02:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.04.05 03:02:49 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.04.05 03:02:48 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.04.05 03:02:48 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.04.05 03:02:48 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.04.05 03:02:48 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.04.05 03:02:48 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.04.05 03:02:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.04.05 03:02:48 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.04.05 03:02:48 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.04.05 03:02:48 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.04.05 03:02:48 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.04.05 03:02:48 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.04.05 03:02:47 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.04.05 03:02:47 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.04.05 03:02:47 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.04.05 03:02:47 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.04.05 03:02:47 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.04.05 03:02:47 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.04.05 03:02:47 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.04.05 03:02:47 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.04.05 03:02:47 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.04.05 03:02:45 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.04.05 03:02:45 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.04.05 03:02:45 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.04.05 03:02:45 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.04.05 03:02:45 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.04.05 03:02:45 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.04.05 03:02:45 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.04.05 03:02:45 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.04.05 03:02:45 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.04.05 03:02:45 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.04.05 03:02:45 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.04.05 03:02:45 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.04.05 03:02:45 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.04.05 03:02:45 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.04.05 03:02:45 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.04.05 03:02:44 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.04.05 03:02:44 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.04.05 03:02:44 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.04.05 03:02:44 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.04.05 03:02:44 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.04.05 03:02:44 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.04.05 03:02:44 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.04.05 03:02:44 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.04.05 03:02:44 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.04.05 03:02:44 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.04.05 03:02:44 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.04.05 03:02:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.04.05 03:02:44 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.04.05 03:02:44 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.04.03 19:22:30 | 000,000,770 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk [2013.04.02 03:58:36 | 000,001,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2013.03.28 16:40:52 | 000,531,573 | ---- | M] () -- C:\Users\ms\Desktop\ThienelFehlerkalküldieI.xps [2013.03.28 16:39:26 | 000,314,751 | ---- | M] () -- C:\Users\ms\Desktop\KolonovitsFehlerkalkül.xps [2013.03.28 16:36:08 | 000,305,899 | ---- | M] () -- C:\Users\ms\Desktop\MayerFehlerkalkül.xps [2013.03.28 16:34:34 | 000,241,232 | ---- | M] () -- C:\Users\ms\Desktop\ThienelFehlerkalkül.xps [2013.03.27 20:27:51 | 000,002,851 | ---- | M] () -- C:\Users\ms\Desktop\Scannen BITTE.PNG [2013.03.27 17:36:06 | 000,096,149 | ---- | M] () -- C:\Users\ms\Desktop\Kelsens Fehlerkalkül-Theory.pdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.24 16:55:56 | 000,619,461 | ---- | C] () -- C:\Users\ms\Desktop\adwcleaner.exe [2013.04.23 21:29:28 | 001,516,251 | ---- | C] () -- C:\Users\ms\Desktop\AVG Original.pdf [2013.04.23 02:46:39 | 1425,113,545 | ---- | C] () -- C:\Users\ms\Desktop\Game.of.Thrones.S03E04.720p.HDTV.x264-EVOLVE.mkv [2013.04.21 20:22:01 | 000,377,856 | ---- | C] () -- C:\Users\ms\Desktop\gmer_2.1.19163.exe [2013.04.21 19:59:44 | 000,000,000 | ---- | C] () -- C:\Users\ms\defogger_reenable [2013.04.21 19:59:15 | 000,050,477 | ---- | C] () -- C:\Users\ms\Desktop\Defogger.exe [2013.04.19 00:38:36 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\Media Player - Codec Pack Disc handler.exe [2013.04.19 00:38:36 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe [2013.04.16 12:40:36 | 004,012,544 | ---- | C] () -- C:\Windows\SysNative\ffmpeg.dll [2013.04.16 12:39:26 | 000,127,488 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll [2013.04.16 12:39:14 | 004,372,992 | ---- | C] () -- C:\Windows\SysNative\ffdshow.ax [2013.04.16 12:38:32 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\ff_kernelDeint.dll [2013.04.16 12:37:38 | 000,631,296 | ---- | C] () -- C:\Windows\SysNative\TomsMoComp_ff.dll [2013.04.16 12:37:36 | 000,114,688 | ---- | C] () -- C:\Windows\SysNative\ff_wmv9.dll [2013.04.16 12:37:32 | 000,183,296 | ---- | C] () -- C:\Windows\SysNative\ff_unrar.dll [2013.04.16 12:37:30 | 000,156,672 | ---- | C] () -- C:\Windows\SysNative\ff_libmad.dll [2013.04.16 12:37:28 | 001,532,928 | ---- | C] () -- C:\Windows\SysNative\ff_samplerate.dll [2013.04.16 12:37:28 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\ff_libdts.dll [2013.04.16 12:37:24 | 000,190,464 | ---- | C] () -- C:\Windows\SysNative\libmpeg2_ff.dll [2013.04.16 12:37:24 | 000,116,224 | ---- | C] () -- C:\Windows\SysNative\ff_liba52.dll [2013.04.16 12:35:04 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll [2013.04.16 12:33:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2013.04.16 12:33:32 | 003,501,568 | ---- | C] () -- C:\Windows\SysWow64\ffdshow.ax [2013.04.16 12:32:28 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2013.04.16 12:32:24 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2013.04.16 12:32:18 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2013.04.16 12:32:16 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2013.04.16 12:32:16 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2013.04.16 12:32:14 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2013.04.16 12:32:14 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2013.04.16 12:32:10 | 000,136,704 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2013.04.15 22:02:19 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk [2013.04.15 15:28:59 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2013.04.15 15:28:59 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013.04.14 21:05:51 | 182,522,087 | ---- | C] () -- C:\Users\ms\Desktop\LINTELOO_Brochure_2012.pdf [2013.04.14 03:04:45 | 005,499,558 | ---- | C] () -- C:\Users\ms\Desktop\FUSION_DE.pdf [2013.04.13 14:24:16 | 000,421,600 | ---- | C] () -- C:\Windows\SysNative\swscale-lav-2.dll [2013.04.13 14:24:14 | 007,977,200 | ---- | C] () -- C:\Windows\SysNative\avcodec-lav-55.dll [2013.04.13 14:24:14 | 001,245,920 | ---- | C] () -- C:\Windows\SysNative\avformat-lav-55.dll [2013.04.13 14:24:14 | 000,289,008 | ---- | C] () -- C:\Windows\SysNative\avutil-lav-52.dll [2013.04.13 14:24:14 | 000,202,648 | ---- | C] () -- C:\Windows\SysNative\avfilter-lav-3.dll [2013.04.13 14:24:14 | 000,194,016 | ---- | C] () -- C:\Windows\SysNative\avresample-lav-1.dll [2013.04.13 14:23:50 | 007,788,672 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-55.dll [2013.04.13 14:23:50 | 001,300,152 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-55.dll [2013.04.13 14:23:50 | 000,400,592 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2013.04.13 14:23:50 | 000,272,192 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll [2013.04.13 14:23:50 | 000,194,632 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll [2013.04.13 14:23:50 | 000,172,728 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll [2013.04.12 17:57:15 | 000,549,804 | ---- | C] () -- C:\Users\ms\Desktop\sw-broschüre_2011-9_web.pdf [2013.04.10 15:44:49 | 000,098,169 | ---- | C] () -- C:\Users\ms\Desktop\SKorr.pdf [2013.04.05 03:02:47 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.04.05 03:02:45 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.04.02 03:58:40 | 000,001,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2013.04.02 03:58:36 | 000,001,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2013.03.28 16:40:44 | 000,531,573 | ---- | C] () -- C:\Users\ms\Desktop\ThienelFehlerkalküldieI.xps [2013.03.28 16:39:20 | 000,314,751 | ---- | C] () -- C:\Users\ms\Desktop\KolonovitsFehlerkalkül.xps [2013.03.28 16:36:02 | 000,305,899 | ---- | C] () -- C:\Users\ms\Desktop\MayerFehlerkalkül.xps [2013.03.28 16:34:30 | 000,241,232 | ---- | C] () -- C:\Users\ms\Desktop\ThienelFehlerkalkül.xps [2013.03.27 20:27:51 | 000,002,851 | ---- | C] () -- C:\Users\ms\Desktop\Scannen BITTE.PNG [2013.03.27 17:36:06 | 000,096,149 | ---- | C] () -- C:\Users\ms\Desktop\Kelsens Fehlerkalkül-Theory.pdf [2012.12.19 23:52:54 | 000,000,581 | ---- | C] () -- C:\Users\ms\AppData\Local\cookies.ini [2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini [2012.04.21 02:53:10 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2012.04.21 00:54:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.04.21 00:47:47 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2012.03.20 03:15:26 | 013,184,512 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2012.03.20 03:15:26 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012.03.20 03:15:26 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012.03.20 03:15:26 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.03.20 03:15:26 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.03.20 03:15:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012.03.20 03:15:26 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.03.20 03:15:26 | 000,056,476 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat [2012.03.20 03:15:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat [2012.03.20 03:15:25 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.02.03 17:05:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2012.02.03 17:05:40 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll [2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe [2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe [2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe [2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2011.06.24 05:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.06.24 05:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Geändert von hilflos001 (24.04.2013 um 16:39 Uhr) |
|
24.04.2013, 16:35
| #4 |
| | Yahoo.com plötzlich als Startseite Aha, das wird anscheinend zu einem Post zusammengefügt. Hier jedenfalls die letzte Logdatei: Extra.exe: Code:
ATTFilter OTL Extras logfile created on: 24.04.2013 17:04:13 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ms\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,90 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 50,37% Memory free
7,79 Gb Paging File | 5,48 Gb Available in Paging File | 70,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,27 Gb Total Space | 364,12 Gb Free Space | 81,59% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: BOERTA | User Name: ms | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-888597308-3932801771-4181189287-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2E7069DB-B2D2-469B-8566-23BBCF61E1E7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{34B0856C-74CC-494F-AA4A-1D7BE2C3AEA3}" = lport=3888 | protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{53860987-7EA7-4C18-A5E6-148D0F40A528}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A160DF1C-CDF9-4628-88AC-99273C262216}" = lport=3880 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
"{F5BD2059-A963-43FC-B825-8C0E863162BA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FCE91F7F-0B5F-42D5-B36F-7B7EE6DFE388}" = lport=3888 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{048595FE-73CD-43B5-9BBC-B295E6B3B4B0}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{1FEA0E5E-48C4-4F65-9792-FD174AE24522}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{244A5B01-9B32-47F0-950F-B9617BFE40A4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{2670E51B-5F1C-4927-BAB6-44D88BBB5AB9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{26BC8452-3C48-45B3-896C-E9DAFBB9B15A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{3671B3E2-227B-4D42-9216-C23E6AD98F58}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7AA561E7-639B-4323-B045-3D2092769125}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{871F0827-5A63-439E-A1F1-6C474FFFEFF7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{AA5C52E8-9E20-4DD4-8BEC-9D6A21AA2D5E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{ACF5D287-C38B-42CE-B8C4-6E5D6A885457}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CA3031D6-558B-40D9-BAD3-706C6DB9B1A9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CFEB862F-528D-47D8-B1B2-5A3864DD99B7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F774D7DD-1808-44FD-B9C7-F23A2A60ED79}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0EB7792D-EFA2-42AB-9A22-F33D9458E974}" = Media Gallery
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{2FE46568-5754-43AE-A289-0A8A7E5BCEAE}" = calibre 64bit
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{34EB42BE-F4D3-44C1-B28E-9740115DB72C}" = VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4D95D095-8C6F-4357-BDD8-27E295F37FB1}" = VAIO Care
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}" = VAIO - PlayMemories Home Plug-in
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BC3B8C54-7E10-0A4D-F6CA-52616DB1E96F}" = AMD Catalyst Install Manager
"{BFBE16E7-D5C3-F4AB-0485-88374CBFAFFA}" = ccc-utility64
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DF7756DD-656A-45C3-BA71-74673E8259A9}" = Intel® PROSet/Wireless WiFi-Software
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0932859-AA60-459E-B843-0BDECA34E2C7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BE491EE-6512-2C9A-466C-6D956EDD7EEE}" = CCC Help Greek
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{151CE009-E3CA-3772-AA38-A74EEAF8E31E}" = CCC Help Czech
"{153AAB30-B5C5-4B51-8EC7-7B6F0115BE6E}" = SearchMe Toolbar v7.0
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2EE952F6-A614-4EB3-4157-88D529A3C3BA}" = CCC Help Polish
"{2F41EF61-A066-4EBF-84F8-21C1B317A780}" = VAIO - TrackID™ mit BRAVIA
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{34B52882-1B2A-99B9-200E-26525B2F6CB6}" = CCC Help English
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{44A39454-E35F-F916-D97D-609167097F5F}" = PX Profile Update
"{45191C61-3D04-4D03-B78A-592DF13264CC}" = Windows Live Messenger
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{477633F3-3417-4A76-AC60-C4599617BC45}" = Catalyst Control Center - Branding
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{4846B7FE-44E5-7967-4978-62FC2B4D978C}" = CCC Help Turkish
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{5156C9BF-1C27-430B-96D8-7129F11699A8}" = VAIO Data Restore Tool
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{54EEE33B-9223-02FF-7E94-E2CA18867B8F}" = CCC Help Spanish
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6069F836-AC5D-E50C-F6FB-9B632E3266CF}" = Catalyst Control Center InstallProxy
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6466EF6E-700E-470F-94CB-D0050302C84E}" = Remote Keyboard
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66BBEB99-BB5D-DFD8-D4FB-E12FA748A888}" = Catalyst Control Center Localization All
"{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}" = Елемент керування Windows Live Mesh ActiveX для віддалених підключень
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{67F43112-847D-D4E0-91FF-222F6342808C}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F0A238D-0769-B0B0-DE27-2A3CEDFDE07E}" = CCC Help Japanese
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FD21053-829D-40E7-B04C-CAFB7D5CD025}" = KUx86
"{6FDF31EE-B0A0-3229-BCE0-8712F3ACCC42}" = CCC Help Chinese Traditional
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C3C573-C536-A2F9-1BB2-B718DA24C248}" = CCC Help Thai
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77B9B45D-A66F-88A5-62E6-E98F079C28AF}" = CCC Help Norwegian
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel(R) WiDi
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{840B9FA7-4CC5-9015-5E0E-666207E8AA63}" = Catalyst Control Center Profiles Mobile
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{858B32BD-121C-4AC8-BD87-CE37C51C03E2}" = TrackID(TM) with BRAVIA
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86FBC192-D7F5-793B-7CEB-C2F7C4C51452}" = CCC Help Chinese Standard
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{88859C61-F4AC-6C07-458A-B716E41A2955}" = CCC Help Hungarian
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EF5D686-CA31-2193-8F15-8BA5050400BA}" = CCC Help French
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A4D1F0BB-7A45-EBE1-E0AE-9CA35C8E45DE}" = Catalyst Control Center Graphics Previews Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE5F3379-8B81-457E-8E09-7E61D941AFA4}" = VAIO Gate
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BAE1CCA6-AB32-4D27-AE69-203436D54EC8}" = Reader for PC
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C8544A9A-76BE-4F82-811E-979799AE493B}" = VAIO Gesture Control
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D5E03D17-101E-3DED-50DA-A4CDCC283CF7}" = CCC Help Swedish
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DB1A3EA7-0C25-4BEC-A108-176195190369}" = VHD
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DD5D6FD8-9190-A822-0336-48B35ACEE7CE}" = CCC Help German
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86
"{DFB1925E-B6AC-F1CF-1E76-D63758286550}" = Catalyst Control Center
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E171F141-FDA5-B389-B851-9521367C4F0D}" = CCC Help Danish
"{E43B02AF-3B25-7007-D9B0-87E633411CA0}" = CCC Help Russian
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E6757A5B-EE7E-4D72-82B7-D1B2991DF55E}" = PYV_x86
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB312DD5-06AB-ED57-BC21-CE213E03AEB5}" = CCC Help Dutch
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F3BF49E7-544C-94F5-1690-2800E3C431C7}" = CCC Help Italian
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA3DA987-9F3E-4A78-4F57-8E6E3B4303A3}" = CCC Help Finnish
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FD761869-BAD8-7C29-A9E3-523A07F5F632}" = CCC Help Portuguese
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Google Chrome" = Google Chrome
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"McAfee Security Scan" = McAfee Security Scan Plus
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.7
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Ravensburger tiptoi" = Ravensburger tiptoi
"SafeConnect" = SafeConnect
"VAIO Help and Support" =
"VTechDownloadManager" = VTech Download Manager
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WTA-349238c8-d1f1-43b2-bedb-bc2c86f792b8" = Build-a-lot 2
"WTA-5c4c58e7-ff05-4b3a-afe3-fa3592163c0b" = Mystery P.I. - The London Caper
"WTA-5cff513f-ae98-46c6-8811-c7eedbe797d6" = Mahjongg Artifacts
"WTA-6a55e284-2e06-45db-a1f7-7d04cd040b3e" = Chuzzle Deluxe
"WTA-6c0fdd54-6a60-4a59-b5c3-a70ddbb3ba0a" = The Hidden Object Game Show
"WTA-6eefbf06-0af2-451e-822f-80184a9af617" = Polar Bowler
"WTA-7236047d-6015-4845-ae14-4aabd7d14755" = Agatha Christie - Death on the Nile
"WTA-76a43f44-2e40-43cc-bb6b-7152c3fb4f52" = Mystery of Mortlake Mansion
"WTA-7aab279e-24a8-406b-a9df-0cae65338e68" = Bejeweled 3
"WTA-7b9d5929-8403-48d6-8de4-9a015ccc54b4" = Plants vs. Zombies - Game of the Year
"WTA-7d53d348-a7af-4c9e-be32-72cfc459dc1b" = Fishdom (TM) 2
"WTA-82f1a714-263b-43b6-bde3-01bd254815d7" = Cake Mania
"WTA-96a8f730-0a6d-4ef8-8e3c-efc87a2ece01" = Insaniquarium Deluxe
"WTA-c76134e6-5067-452e-b3d7-9b61782bdd09" = Jewel Quest Solitaire 2
"WTA-ce535f10-8f01-42da-8628-ae93505cc5bb" = Aloha TriPeaks
"WTA-f118041c-ea04-4bbc-bdc3-17d728d79bad" = Virtual Villagers 4 - The Tree of Life
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 24.04.2013 10:43:22 | Computer Name = boerta | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\ATI\CIM\Bin64\SetACL64.exe".
Die
abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.04.2013 10:50:44 | Computer Name = boerta | Source = WinMgmt | ID = 10
Description =
Error - 24.04.2013 10:59:41 | Computer Name = boerta | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 24.04.2013 10:49:36 | Computer Name = boerta | Source = DCOM | ID = 10010
Description =
< End of report >
MS |
|
24.04.2013, 20:43
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yahoo.com plötzlich als Startseite Problem behoben? GMER meldet allerdings noch einen unbekannten MBR, das will ich lieber nochmal prüfen: Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten MBAR (Malwarebytes Anti-Rootkit) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
25.04.2013, 01:09
| #6 |
| | Yahoo.com plötzlich als Startseite Hallo cosinus, ja, mein Rechner scheint sich etwas erholt zu haben. Firefox lässt sich wieder schließen und ist wieder schneller. Hier die Ergebnisse der Scans: 1. MBAR Hat keine Malware gefunden und (deshalb?) keine Logdatei erstellt. 2. aswMBR Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-24 22:32:11
-----------------------------
22:32:11.396 OS Version: Windows x64 6.1.7601 Service Pack 1
22:32:11.396 Number of processors: 4 586 0x2A07
22:32:11.396 ComputerName: BOERTA UserName:
22:32:11.474 Initialze error 1
22:36:26.417 AVAST engine defs: 13042400
22:36:57.632 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:36:57.632 Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
22:36:57.679 Disk 0 MBR read successfully
22:36:57.679 Disk 0 MBR scan
22:36:57.695 Disk 0 unknown MBR code
22:36:57.695 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
22:36:57.695 Disk 0 scanning C:\Windows\system32\drivers
22:36:57.695 Service scanning
22:36:58.241 Modules scanning
22:36:58.241 Disk 0 trace - called modules:
22:36:58.241 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
22:36:58.241 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005c07790]
22:36:58.241 3 CLASSPNP.SYS[fffff88001dd143f] -> nt!IofCallDriver -> [0xfffffa80048ed950]
22:36:58.755 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005c0b050]
22:36:58.755 AVAST engine scan C:\Windows
22:36:58.755 AVAST engine scan C:\Windows\system32
22:36:58.755 AVAST engine scan C:\Windows\system32\drivers
22:36:58.771 AVAST engine scan C:\Users\ms
22:36:58.771 AVAST engine scan C:\ProgramData
22:36:58.771 Scan finished successfully
22:37:23.154 Disk 0 MBR has been saved successfully to "C:\Users\ms\Desktop\MBR.dat"
22:37:23.466 The log file has been saved successfully to "C:\Users\ms\Desktop\aswMBR.txt"
Code:
ATTFilter 22:47:17.0097 0576 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:47:17.0097 0576 UEFI system
22:47:17.0549 0576 ============================================================
22:47:17.0549 0576 Current date / time: 2013/04/24 22:47:17.0549
22:47:17.0549 0576 SystemInfo:
22:47:17.0549 0576
22:47:17.0549 0576 OS Version: 6.1.7601 ServicePack: 1.0
22:47:17.0549 0576 Product type: Workstation
22:47:17.0549 0576 ComputerName: BOERTA
22:47:17.0549 0576 UserName: ms
22:47:17.0549 0576 Windows directory: C:\Windows
22:47:17.0549 0576 System windows directory: C:\Windows
22:47:17.0549 0576 Running under WOW64
22:47:17.0549 0576 Processor architecture: Intel x64
22:47:17.0549 0576 Number of processors: 4
22:47:17.0549 0576 Page size: 0x1000
22:47:17.0549 0576 Boot type: Normal boot
22:47:17.0549 0576 ============================================================
22:47:18.0267 0576 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:47:18.0267 0576 ============================================================
22:47:18.0267 0576 \Device\Harddisk0\DR0:
22:47:18.0267 0576 GPT partitions:
22:47:18.0267 0576 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {F2A1560E-92C7-43B4-8C7B-31BA1F35315B}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
22:47:18.0267 0576 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5637DE2E-D797-43DE-B9B2-00A6C5E036F2}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x25B6800
22:47:18.0267 0576 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E9E67938-EDF1-4C31-8493-5BF15A7609CE}, Name: EFI system partition, StartLBA 0x2639000, BlocksNum 0x82000
22:47:18.0267 0576 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {04911F3D-6FE6-4770-808D-C8EDAD56C344}, Name: Microsoft reserved partition, StartLBA 0x26BB000, BlocksNum 0x40000
22:47:18.0267 0576 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BE157DD1-B497-4583-B5EF-0BEC51EB8D9C}, Name: Basic data partition, StartLBA 0x26FB000, BlocksNum 0x37C8B00F
22:47:18.0267 0576 MBR partitions:
22:47:18.0267 0576 ============================================================
22:47:18.0298 0576 C: <-> \Device\Harddisk0\DR0\Partition5
22:47:18.0298 0576 ============================================================
22:47:18.0298 0576 Initialize success
22:47:18.0298 0576 ============================================================
22:47:26.0644 7152 ============================================================
22:47:26.0644 7152 Scan started
22:47:26.0644 7152 Mode: Manual; SigCheck; TDLFS;
22:47:26.0644 7152 ============================================================
22:47:27.0081 7152 ================ Scan system memory ========================
22:47:27.0081 7152 System memory - ok
22:47:27.0081 7152 ================ Scan services =============================
22:47:27.0377 7152 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:47:27.0424 7152 1394ohci - ok
22:47:27.0486 7152 ACDaemon - ok
22:47:27.0517 7152 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:47:27.0533 7152 ACPI - ok
22:47:27.0564 7152 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:47:27.0564 7152 AcpiPmi - ok
22:47:27.0642 7152 [ 047BD1EB681453A7FE492A71802AC9F3 ] AdobeActiveFileMonitor10.0 c:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
22:47:27.0658 7152 AdobeActiveFileMonitor10.0 - ok
22:47:27.0798 7152 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:47:27.0814 7152 AdobeFlashPlayerUpdateSvc - ok
22:47:27.0845 7152 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:47:27.0861 7152 adp94xx - ok
22:47:27.0907 7152 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:47:27.0907 7152 adpahci - ok
22:47:27.0954 7152 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:47:27.0970 7152 adpu320 - ok
22:47:28.0001 7152 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:47:28.0032 7152 AeLookupSvc - ok
22:47:28.0079 7152 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:47:28.0095 7152 AFD - ok
22:47:28.0126 7152 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:47:28.0141 7152 agp440 - ok
22:47:28.0157 7152 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:47:28.0173 7152 ALG - ok
22:47:28.0188 7152 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:47:28.0204 7152 aliide - ok
22:47:28.0219 7152 [ 426E8B3243880A20F877D50D390F3335 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:47:28.0251 7152 AMD External Events Utility - ok
22:47:28.0266 7152 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:47:28.0282 7152 amdide - ok
22:47:28.0297 7152 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:47:28.0297 7152 AmdK8 - ok
22:47:28.0516 7152 [ 19374175566D0CD413D05E92D9797A3C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:47:28.0641 7152 amdkmdag - ok
22:47:28.0687 7152 [ 06DB356D98381F8B75CEBF5202F50DA1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:47:28.0719 7152 amdkmdap - ok
22:47:28.0750 7152 [ 554FB0F28C411FB1EAFD4EA46A8CAAA4 ] amdkmpfd C:\Windows\system32\DRIVERS\amdkmpfd.sys
22:47:28.0765 7152 amdkmpfd - ok
22:47:28.0797 7152 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:47:28.0812 7152 AmdPPM - ok
22:47:28.0843 7152 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:47:28.0859 7152 amdsata - ok
22:47:28.0890 7152 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:47:28.0890 7152 amdsbs - ok
22:47:28.0906 7152 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:47:28.0921 7152 amdxata - ok
22:47:28.0953 7152 [ 1C591C1A0CB8ABE215FF66F9A1D8E955 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
22:47:28.0968 7152 AMPPAL - ok
22:47:28.0968 7152 [ 1C591C1A0CB8ABE215FF66F9A1D8E955 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
22:47:28.0984 7152 AMPPALP - ok
22:47:29.0093 7152 [ E1841818278F2A9D66F834451D608AEA ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
22:47:29.0109 7152 AMPPALR3 - ok
22:47:29.0155 7152 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:47:29.0187 7152 AppID - ok
22:47:29.0202 7152 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:47:29.0233 7152 AppIDSvc - ok
22:47:29.0265 7152 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:47:29.0296 7152 Appinfo - ok
22:47:29.0296 7152 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
22:47:29.0311 7152 arc - ok
22:47:29.0343 7152 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:47:29.0343 7152 arcsas - ok
22:47:29.0436 7152 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:47:29.0436 7152 aspnet_state - ok
22:47:29.0467 7152 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:47:29.0499 7152 AsyncMac - ok
22:47:29.0530 7152 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:47:29.0530 7152 atapi - ok
22:47:29.0577 7152 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
22:47:29.0608 7152 athr - ok
22:47:29.0655 7152 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:47:29.0686 7152 AudioEndpointBuilder - ok
22:47:29.0701 7152 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:47:29.0733 7152 AudioSrv - ok
22:47:29.0764 7152 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:47:29.0779 7152 AxInstSV - ok
22:47:29.0826 7152 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:47:29.0842 7152 b06bdrv - ok
22:47:29.0873 7152 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:47:29.0889 7152 b57nd60a - ok
22:47:29.0967 7152 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
22:47:29.0982 7152 BBSvc - ok
22:47:30.0013 7152 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:47:30.0029 7152 BBUpdate - ok
22:47:30.0060 7152 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:47:30.0060 7152 BDESVC - ok
22:47:30.0091 7152 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:47:30.0123 7152 Beep - ok
22:47:30.0169 7152 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:47:30.0201 7152 BFE - ok
22:47:30.0247 7152 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:47:30.0279 7152 BITS - ok
22:47:30.0310 7152 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:47:30.0325 7152 blbdrive - ok
22:47:30.0419 7152 [ 05981C3E51D827ED6B8101A54B05E392 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
22:47:30.0450 7152 Bluetooth Device Monitor - ok
22:47:30.0497 7152 [ BBFAF63BF768047FE2441B4139E803E3 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
22:47:30.0513 7152 Bluetooth Media Service - ok
22:47:30.0575 7152 [ 41D8F56E6BBE0111244D87BE2FA90374 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
22:47:30.0606 7152 Bluetooth OBEX Service - ok
22:47:30.0637 7152 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:47:30.0637 7152 bowser - ok
22:47:30.0669 7152 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:47:30.0684 7152 BrFiltLo - ok
22:47:30.0700 7152 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:47:30.0700 7152 BrFiltUp - ok
22:47:30.0747 7152 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:47:30.0747 7152 Browser - ok
22:47:30.0778 7152 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:47:30.0793 7152 Brserid - ok
22:47:30.0809 7152 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:47:30.0825 7152 BrSerWdm - ok
22:47:30.0856 7152 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:47:30.0856 7152 BrUsbMdm - ok
22:47:30.0871 7152 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:47:30.0887 7152 BrUsbSer - ok
22:47:30.0918 7152 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:47:30.0934 7152 BthEnum - ok
22:47:30.0949 7152 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:47:30.0965 7152 BTHMODEM - ok
22:47:30.0981 7152 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:47:30.0996 7152 BthPan - ok
22:47:31.0027 7152 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:47:31.0043 7152 BTHPORT - ok
22:47:31.0074 7152 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:47:31.0105 7152 bthserv - ok
22:47:31.0121 7152 [ 618AFD0072F4A672977484BFF6FE4FE2 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
22:47:31.0137 7152 BTHSSecurityMgr - ok
22:47:31.0168 7152 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:47:31.0168 7152 BTHUSB - ok
22:47:31.0199 7152 [ 988CC6CC49303665D3B2435C51505C3F ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
22:47:31.0215 7152 btmaux - ok
22:47:31.0246 7152 [ 2B4B508AFAC2A563931AF1FE875A5B16 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
22:47:31.0261 7152 btmhsf - ok
22:47:31.0293 7152 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:47:31.0324 7152 cdfs - ok
22:47:31.0355 7152 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:47:31.0371 7152 cdrom - ok
22:47:31.0402 7152 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:47:31.0433 7152 CertPropSvc - ok
22:47:31.0464 7152 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
22:47:31.0480 7152 circlass - ok
22:47:31.0511 7152 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:47:31.0527 7152 CLFS - ok
22:47:31.0573 7152 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:47:31.0573 7152 clr_optimization_v2.0.50727_32 - ok
22:47:31.0605 7152 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:47:31.0620 7152 clr_optimization_v2.0.50727_64 - ok
22:47:31.0683 7152 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:47:31.0698 7152 clr_optimization_v4.0.30319_32 - ok
22:47:31.0714 7152 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:47:31.0729 7152 clr_optimization_v4.0.30319_64 - ok
22:47:31.0761 7152 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:47:31.0776 7152 CmBatt - ok
22:47:31.0792 7152 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:47:31.0792 7152 cmdide - ok
22:47:31.0854 7152 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:47:31.0870 7152 CNG - ok
22:47:31.0917 7152 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:47:31.0932 7152 Compbatt - ok
22:47:31.0948 7152 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:47:31.0948 7152 CompositeBus - ok
22:47:31.0963 7152 COMSysApp - ok
22:47:32.0073 7152 [ F3D0368E158CFB62BE63BA7B4B7EC507 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:47:32.0088 7152 cphs - ok
22:47:32.0088 7152 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:47:32.0104 7152 crcdisk - ok
22:47:32.0151 7152 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:47:32.0166 7152 CryptSvc - ok
22:47:32.0213 7152 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:47:32.0244 7152 DcomLaunch - ok
22:47:32.0291 7152 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:47:32.0322 7152 defragsvc - ok
22:47:32.0353 7152 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:47:32.0385 7152 DfsC - ok
22:47:32.0416 7152 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:47:32.0431 7152 Dhcp - ok
22:47:32.0447 7152 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:47:32.0478 7152 discache - ok
22:47:32.0525 7152 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
22:47:32.0541 7152 Disk - ok
22:47:32.0572 7152 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:47:32.0572 7152 Dnscache - ok
22:47:32.0587 7152 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:47:32.0619 7152 dot3svc - ok
22:47:32.0619 7152 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:47:32.0650 7152 DPS - ok
22:47:32.0681 7152 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:47:32.0697 7152 drmkaud - ok
22:47:32.0728 7152 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:47:32.0759 7152 DXGKrnl - ok
22:47:32.0790 7152 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
22:47:32.0790 7152 e1yexpress - ok
22:47:32.0821 7152 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:47:32.0853 7152 EapHost - ok
22:47:32.0946 7152 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:47:32.0993 7152 ebdrv - ok
22:47:33.0024 7152 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:47:33.0024 7152 EFS - ok
22:47:33.0087 7152 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:47:33.0102 7152 ehRecvr - ok
22:47:33.0118 7152 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:47:33.0133 7152 ehSched - ok
22:47:33.0165 7152 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:47:33.0180 7152 elxstor - ok
22:47:33.0211 7152 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:47:33.0211 7152 ErrDev - ok
22:47:33.0243 7152 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:47:33.0289 7152 EventSystem - ok
22:47:33.0367 7152 [ 64D25284A4E9D11CA0722AF3F30FD970 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:47:33.0383 7152 EvtEng - ok
22:47:33.0430 7152 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:47:33.0477 7152 exfat - ok
22:47:33.0492 7152 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:47:33.0523 7152 fastfat - ok
22:47:33.0570 7152 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:47:33.0586 7152 Fax - ok
22:47:33.0633 7152 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
22:47:33.0648 7152 fdc - ok
22:47:33.0679 7152 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:47:33.0711 7152 fdPHost - ok
22:47:33.0726 7152 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:47:33.0757 7152 FDResPub - ok
22:47:33.0773 7152 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:47:33.0773 7152 FileInfo - ok
22:47:33.0789 7152 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:47:33.0820 7152 Filetrace - ok
22:47:33.0867 7152 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:47:33.0882 7152 flpydisk - ok
22:47:33.0898 7152 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:47:33.0913 7152 FltMgr - ok
22:47:33.0976 7152 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
22:47:33.0991 7152 FontCache - ok
22:47:34.0038 7152 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:47:34.0038 7152 FontCache3.0.0.0 - ok
22:47:34.0054 7152 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:47:34.0069 7152 FsDepends - ok
22:47:34.0101 7152 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:47:34.0101 7152 Fs_Rec - ok
22:47:34.0163 7152 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:47:34.0179 7152 fvevol - ok
22:47:34.0210 7152 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:47:34.0225 7152 gagp30kx - ok
22:47:34.0303 7152 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
22:47:34.0303 7152 GamesAppService - ok
22:47:34.0366 7152 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:47:34.0397 7152 gpsvc - ok
22:47:34.0491 7152 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:47:34.0491 7152 gupdate - ok
22:47:34.0506 7152 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:47:34.0522 7152 gupdatem - ok
22:47:34.0553 7152 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:47:34.0553 7152 hcw85cir - ok
22:47:34.0584 7152 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:47:34.0600 7152 HdAudAddService - ok
22:47:34.0631 7152 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:47:34.0647 7152 HDAudBus - ok
22:47:34.0662 7152 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:47:34.0678 7152 HidBatt - ok
22:47:34.0693 7152 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:47:34.0709 7152 HidBth - ok
22:47:34.0740 7152 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
22:47:34.0756 7152 HidIr - ok
22:47:34.0787 7152 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:47:34.0818 7152 hidserv - ok
22:47:34.0849 7152 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:47:34.0865 7152 HidUsb - ok
22:47:34.0896 7152 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:47:34.0927 7152 hkmsvc - ok
22:47:34.0943 7152 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:47:34.0943 7152 HomeGroupListener - ok
22:47:34.0974 7152 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:47:34.0990 7152 HomeGroupProvider - ok
22:47:35.0021 7152 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:47:35.0021 7152 HpSAMD - ok
22:47:35.0068 7152 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:47:35.0099 7152 HTTP - ok
22:47:35.0115 7152 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:47:35.0130 7152 hwpolicy - ok
22:47:35.0161 7152 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:47:35.0161 7152 i8042prt - ok
22:47:35.0193 7152 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
22:47:35.0208 7152 iaStor - ok
22:47:35.0286 7152 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:47:35.0286 7152 IAStorDataMgrSvc - ok
22:47:35.0317 7152 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:47:35.0333 7152 iaStorV - ok
22:47:35.0364 7152 [ 9E3D44CE737388F6BBBB6DD4A1C1847C ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
22:47:35.0364 7152 ibtfltcoex - ok
22:47:35.0427 7152 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:47:35.0442 7152 idsvc - ok
22:47:35.0473 7152 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:47:35.0473 7152 iirsp - ok
22:47:35.0520 7152 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:47:35.0551 7152 IKEEXT - ok
22:47:35.0598 7152 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
22:47:35.0598 7152 intaud_WaveExtensible - ok
22:47:35.0723 7152 [ 6A0E2A1E2A1E1DBAA17EE02F3A7EF0A6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:47:35.0801 7152 IntcAzAudAddService - ok
22:47:35.0848 7152 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
22:47:35.0848 7152 IntcDAud - ok
22:47:35.0910 7152 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:47:35.0926 7152 Intel(R) Capability Licensing Service Interface - ok
22:47:35.0957 7152 [ 9571D8BDB56EBC52280E8020574508E6 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
22:47:35.0973 7152 Intel(R) ME Service - ok
22:47:35.0988 7152 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:47:36.0004 7152 intelide - ok
22:47:36.0285 7152 [ 54E37A4E66B2CA1C38E9728FAD5F9822 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
22:47:36.0456 7152 intelkmd - ok
22:47:36.0550 7152 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:47:36.0550 7152 intelppm - ok
22:47:36.0612 7152 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:47:36.0643 7152 IPBusEnum - ok
22:47:36.0659 7152 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:47:36.0690 7152 IpFilterDriver - ok
22:47:36.0753 7152 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:47:36.0768 7152 iphlpsvc - ok
22:47:36.0784 7152 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:47:36.0799 7152 IPMIDRV - ok
22:47:36.0799 7152 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:47:36.0831 7152 IPNAT - ok
22:47:36.0862 7152 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:47:36.0877 7152 IRENUM - ok
22:47:36.0893 7152 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:47:36.0909 7152 isapnp - ok
22:47:36.0940 7152 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:47:36.0940 7152 iScsiPrt - ok
22:47:36.0971 7152 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
22:47:36.0987 7152 iusb3hcs - ok
22:47:37.0018 7152 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
22:47:37.0033 7152 iusb3hub - ok
22:47:37.0049 7152 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
22:47:37.0080 7152 iusb3xhc - ok
22:47:37.0096 7152 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
22:47:37.0111 7152 iwdbus - ok
22:47:37.0143 7152 [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:47:37.0158 7152 jhi_service - ok
22:47:37.0174 7152 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:47:37.0189 7152 kbdclass - ok
22:47:37.0221 7152 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:47:37.0221 7152 kbdhid - ok
22:47:37.0252 7152 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:47:37.0267 7152 KeyIso - ok
22:47:37.0283 7152 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:47:37.0299 7152 KSecDD - ok
22:47:37.0314 7152 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:47:37.0330 7152 KSecPkg - ok
22:47:37.0361 7152 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:47:37.0392 7152 ksthunk - ok
22:47:37.0423 7152 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:47:37.0455 7152 KtmRm - ok
22:47:37.0517 7152 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:47:37.0548 7152 LanmanServer - ok
22:47:37.0579 7152 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:47:37.0611 7152 LanmanWorkstation - ok
22:47:37.0657 7152 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:47:37.0689 7152 lltdio - ok
22:47:37.0704 7152 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:47:37.0751 7152 lltdsvc - ok
22:47:37.0767 7152 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:47:37.0798 7152 lmhosts - ok
22:47:37.0845 7152 [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:47:37.0860 7152 LMS - ok
22:47:37.0907 7152 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:47:37.0907 7152 LSI_FC - ok
22:47:37.0938 7152 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:47:37.0954 7152 LSI_SAS - ok
22:47:37.0954 7152 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:47:37.0969 7152 LSI_SAS2 - ok
22:47:37.0985 7152 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:47:38.0001 7152 LSI_SCSI - ok
22:47:38.0016 7152 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:47:38.0047 7152 luafv - ok
22:47:38.0125 7152 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
22:47:38.0141 7152 McComponentHostService - ok
22:47:38.0157 7152 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:47:38.0172 7152 Mcx2Svc - ok
22:47:38.0188 7152 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
22:47:38.0203 7152 megasas - ok
22:47:38.0219 7152 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:47:38.0235 7152 MegaSR - ok
22:47:38.0266 7152 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:47:38.0281 7152 MEIx64 - ok
22:47:38.0359 7152 Microsoft SharePoint Workspace Audit Service - ok
22:47:38.0391 7152 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:47:38.0422 7152 MMCSS - ok
22:47:38.0437 7152 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:47:38.0469 7152 Modem - ok
22:47:38.0515 7152 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:47:38.0515 7152 monitor - ok
22:47:38.0547 7152 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:47:38.0562 7152 mouclass - ok
22:47:38.0593 7152 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:47:38.0609 7152 mouhid - ok
22:47:38.0640 7152 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:47:38.0656 7152 mountmgr - ok
22:47:38.0718 7152 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:47:38.0734 7152 MozillaMaintenance - ok
22:47:38.0796 7152 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
22:47:38.0812 7152 MpFilter - ok
22:47:38.0843 7152 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:47:38.0859 7152 mpio - ok
22:47:38.0859 7152 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:47:38.0890 7152 mpsdrv - ok
22:47:38.0937 7152 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:47:38.0968 7152 MpsSvc - ok
22:47:38.0999 7152 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:47:39.0015 7152 MRxDAV - ok
22:47:39.0030 7152 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:47:39.0046 7152 mrxsmb - ok
22:47:39.0046 7152 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:47:39.0061 7152 mrxsmb10 - ok
22:47:39.0077 7152 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:47:39.0093 7152 mrxsmb20 - ok
22:47:39.0108 7152 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:47:39.0124 7152 msahci - ok
22:47:39.0139 7152 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:47:39.0139 7152 msdsm - ok
22:47:39.0171 7152 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:47:39.0171 7152 MSDTC - ok
22:47:39.0202 7152 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:47:39.0233 7152 Msfs - ok
22:47:39.0264 7152 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:47:39.0295 7152 mshidkmdf - ok
22:47:39.0311 7152 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:47:39.0311 7152 msisadrv - ok
22:47:39.0342 7152 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:47:39.0373 7152 MSiSCSI - ok
22:47:39.0373 7152 msiserver - ok
22:47:39.0405 7152 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:47:39.0436 7152 MSKSSRV - ok
22:47:39.0514 7152 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:47:39.0514 7152 MsMpSvc - ok
22:47:39.0545 7152 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:47:39.0576 7152 MSPCLOCK - ok
22:47:39.0576 7152 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:47:39.0607 7152 MSPQM - ok
22:47:39.0623 7152 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:47:39.0639 7152 MsRPC - ok
22:47:39.0654 7152 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:47:39.0670 7152 mssmbios - ok
22:47:39.0685 7152 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:47:39.0717 7152 MSTEE - ok
22:47:39.0717 7152 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:47:39.0732 7152 MTConfig - ok
22:47:39.0748 7152 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:47:39.0763 7152 Mup - ok
22:47:39.0810 7152 [ E3B58E3011B207C5289D11173B30E298 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:47:39.0826 7152 MyWiFiDHCPDNS - ok
22:47:39.0857 7152 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:47:39.0888 7152 napagent - ok
22:47:39.0919 7152 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:47:39.0951 7152 NativeWifiP - ok
22:47:40.0013 7152 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:47:40.0029 7152 NDIS - ok
22:47:40.0060 7152 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:47:40.0091 7152 NdisCap - ok
22:47:40.0122 7152 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:47:40.0153 7152 NdisTapi - ok
22:47:40.0185 7152 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:47:40.0216 7152 Ndisuio - ok
22:47:40.0231 7152 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:47:40.0263 7152 NdisWan - ok
22:47:40.0278 7152 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:47:40.0309 7152 NDProxy - ok
22:47:40.0325 7152 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:47:40.0356 7152 NetBIOS - ok
22:47:40.0372 7152 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:47:40.0403 7152 NetBT - ok
22:47:40.0419 7152 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:47:40.0419 7152 Netlogon - ok
22:47:40.0465 7152 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:47:40.0497 7152 Netman - ok
22:47:40.0543 7152 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:47:40.0559 7152 NetMsmqActivator - ok
22:47:40.0559 7152 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:47:40.0575 7152 NetPipeActivator - ok
22:47:40.0606 7152 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:47:40.0653 7152 netprofm - ok
22:47:40.0668 7152 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:47:40.0668 7152 NetTcpActivator - ok
22:47:40.0668 7152 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:47:40.0684 7152 NetTcpPortSharing - ok
22:47:40.0933 7152 [ 47DC062656EA661FE9175DBACAD00E9D ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
22:47:41.0058 7152 NETwNs64 - ok
22:47:41.0089 7152 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:47:41.0105 7152 nfrd960 - ok
22:47:41.0152 7152 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:47:41.0152 7152 NisDrv - ok
22:47:41.0199 7152 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
22:47:41.0214 7152 NisSrv - ok
22:47:41.0230 7152 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:47:41.0245 7152 NlaSvc - ok
22:47:41.0277 7152 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:47:41.0308 7152 Npfs - ok
22:47:41.0339 7152 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:47:41.0370 7152 nsi - ok
22:47:41.0386 7152 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:47:41.0417 7152 nsiproxy - ok
22:47:41.0495 7152 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:47:41.0526 7152 Ntfs - ok
22:47:41.0557 7152 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:47:41.0589 7152 Null - ok
22:47:41.0807 7152 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:47:41.0979 7152 nvlddmkm - ok
22:47:42.0010 7152 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:47:42.0025 7152 nvraid - ok
22:47:42.0057 7152 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:47:42.0057 7152 nvstor - ok
22:47:42.0088 7152 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:47:42.0103 7152 nv_agp - ok
22:47:42.0135 7152 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:47:42.0135 7152 ohci1394 - ok
22:47:42.0181 7152 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:47:42.0197 7152 ose - ok
22:47:42.0322 7152 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:47:42.0400 7152 osppsvc - ok
22:47:42.0415 7152 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:47:42.0431 7152 p2pimsvc - ok
22:47:42.0462 7152 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:47:42.0462 7152 p2psvc - ok
22:47:42.0493 7152 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
22:47:42.0509 7152 Parport - ok
22:47:42.0540 7152 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:47:42.0540 7152 partmgr - ok
22:47:42.0571 7152 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:47:42.0587 7152 PcaSvc - ok
22:47:42.0618 7152 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:47:42.0618 7152 pci - ok
22:47:42.0649 7152 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:47:42.0665 7152 pciide - ok
22:47:42.0681 7152 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:47:42.0696 7152 pcmcia - ok
22:47:42.0712 7152 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:47:42.0727 7152 pcw - ok
22:47:42.0743 7152 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:47:42.0790 7152 PEAUTH - ok
22:47:42.0899 7152 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:47:42.0899 7152 PerfHost - ok
22:47:42.0946 7152 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:47:42.0993 7152 pla - ok
22:47:43.0039 7152 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:47:43.0055 7152 PlugPlay - ok
22:47:43.0133 7152 [ 9C4D0DE187CBC24F658C52EFC93B1C73 ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
22:47:43.0149 7152 PMBDeviceInfoProvider - ok
22:47:43.0164 7152 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:47:43.0180 7152 PNRPAutoReg - ok
22:47:43.0195 7152 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:47:43.0211 7152 PNRPsvc - ok
22:47:43.0242 7152 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:47:43.0289 7152 PolicyAgent - ok
22:47:43.0289 7152 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:47:43.0336 7152 Power - ok
22:47:43.0351 7152 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:47:43.0383 7152 PptpMiniport - ok
22:47:43.0398 7152 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
22:47:43.0414 7152 Processor - ok
22:47:43.0429 7152 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:47:43.0445 7152 ProfSvc - ok
22:47:43.0461 7152 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:47:43.0476 7152 ProtectedStorage - ok
22:47:43.0507 7152 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:47:43.0539 7152 Psched - ok
22:47:43.0570 7152 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
22:47:43.0570 7152 PxHlpa64 - ok
22:47:43.0648 7152 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:47:43.0679 7152 ql2300 - ok
22:47:43.0695 7152 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:47:43.0695 7152 ql40xx - ok
22:47:43.0726 7152 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:47:43.0741 7152 QWAVE - ok
22:47:43.0757 7152 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:47:43.0773 7152 QWAVEdrv - ok
22:47:43.0788 7152 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:47:43.0819 7152 RasAcd - ok
22:47:43.0851 7152 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:47:43.0882 7152 RasAgileVpn - ok
22:47:43.0897 7152 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:47:43.0929 7152 RasAuto - ok
22:47:43.0944 7152 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:47:43.0975 7152 Rasl2tp - ok
22:47:44.0007 7152 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:47:44.0038 7152 RasMan - ok
22:47:44.0053 7152 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:47:44.0085 7152 RasPppoe - ok
22:47:44.0116 7152 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:47:44.0163 7152 RasSstp - ok
22:47:44.0178 7152 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:47:44.0209 7152 rdbss - ok
22:47:44.0225 7152 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
22:47:44.0241 7152 rdpbus - ok
22:47:44.0256 7152 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:47:44.0303 7152 RDPCDD - ok
22:47:44.0303 7152 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:47:44.0334 7152 RDPENCDD - ok
22:47:44.0350 7152 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:47:44.0381 7152 RDPREFMP - ok
22:47:44.0412 7152 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:47:44.0412 7152 RDPWD - ok
22:47:44.0459 7152 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:47:44.0475 7152 rdyboost - ok
22:47:44.0521 7152 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:47:44.0537 7152 RegSrvc - ok
22:47:44.0553 7152 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:47:44.0584 7152 RemoteAccess - ok
22:47:44.0615 7152 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:47:44.0646 7152 RemoteRegistry - ok
22:47:44.0693 7152 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:47:44.0709 7152 RFCOMM - ok
22:47:44.0755 7152 [ 76157F737959CECF9AC4AE5783493075 ] rimssne C:\Windows\system32\DRIVERS\rimssne64.sys
22:47:44.0771 7152 rimssne - ok
22:47:44.0771 7152 [ 0D45CECAAAB65E5598E8DD8BBD2CBDD2 ] risdsnxc C:\Windows\system32\DRIVERS\risdsnxc64.sys
22:47:44.0787 7152 risdsnxc - ok
22:47:44.0802 7152 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:47:44.0849 7152 RpcEptMapper - ok
22:47:44.0865 7152 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:47:44.0880 7152 RpcLocator - ok
22:47:44.0896 7152 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:47:44.0943 7152 RpcSs - ok
22:47:44.0974 7152 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:47:45.0005 7152 rspndr - ok
22:47:45.0036 7152 [ 39A719875F572241C585A629EE62EB14 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:47:45.0052 7152 RTL8167 - ok
22:47:45.0099 7152 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:47:45.0099 7152 SamSs - ok
22:47:45.0130 7152 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:47:45.0145 7152 sbp2port - ok
22:47:45.0177 7152 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:47:45.0208 7152 SCardSvr - ok
22:47:45.0223 7152 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:47:45.0255 7152 scfilter - ok
22:47:45.0286 7152 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:47:45.0317 7152 Schedule - ok
22:47:45.0395 7152 SCManager - ok
22:47:45.0411 7152 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:47:45.0457 7152 SCPolicySvc - ok
22:47:45.0489 7152 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:47:45.0504 7152 sdbus - ok
22:47:45.0535 7152 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:47:45.0551 7152 SDRSVC - ok
22:47:45.0567 7152 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:47:45.0598 7152 secdrv - ok
22:47:45.0613 7152 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:47:45.0645 7152 seclogon - ok
22:47:45.0676 7152 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:47:45.0707 7152 SENS - ok
22:47:45.0738 7152 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:47:45.0738 7152 SensrSvc - ok
22:47:45.0754 7152 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
22:47:45.0769 7152 Serenum - ok
22:47:45.0801 7152 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
22:47:45.0816 7152 Serial - ok
22:47:45.0832 7152 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:47:45.0847 7152 sermouse - ok
22:47:45.0879 7152 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:47:45.0910 7152 SessionEnv - ok
22:47:45.0941 7152 [ 85D0F874734C105D02280B39BF0AD23F ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
22:47:45.0957 7152 SFEP - ok
22:47:45.0972 7152 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:47:45.0988 7152 sffdisk - ok
22:47:45.0988 7152 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:47:46.0003 7152 sffp_mmc - ok
22:47:46.0003 7152 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:47:46.0019 7152 sffp_sd - ok
22:47:46.0019 7152 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:47:46.0035 7152 sfloppy - ok
22:47:46.0066 7152 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:47:46.0097 7152 SharedAccess - ok
22:47:46.0128 7152 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:47:46.0159 7152 ShellHWDetection - ok
22:47:46.0206 7152 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:47:46.0206 7152 SiSRaid2 - ok
22:47:46.0222 7152 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:47:46.0237 7152 SiSRaid4 - ok
22:47:46.0315 7152 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:47:46.0315 7152 SkypeUpdate - ok
22:47:46.0347 7152 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:47:46.0393 7152 Smb - ok
22:47:46.0425 7152 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:47:46.0440 7152 SNMPTRAP - ok
22:47:46.0518 7152 [ 4AEA7A1C3CA06D95D6966C34D13C0D8B ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
22:47:46.0534 7152 SOHCImp - ok
22:47:46.0549 7152 [ 16FD95781117E13107D477AE36219E6F ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
22:47:46.0549 7152 SOHDs - ok
22:47:46.0596 7152 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
22:47:46.0596 7152 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - warning
22:47:46.0596 7152 Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic (1)
22:47:46.0643 7152 [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
22:47:46.0659 7152 SpfService - ok
22:47:46.0690 7152 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:47:46.0690 7152 spldr - ok
22:47:46.0721 7152 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:47:46.0737 7152 Spooler - ok
22:47:46.0830 7152 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:47:46.0893 7152 sppsvc - ok
22:47:46.0908 7152 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:47:46.0939 7152 sppuinotify - ok
22:47:46.0955 7152 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:47:46.0971 7152 srv - ok
22:47:47.0002 7152 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:47:47.0018 7152 srv2 - ok
22:47:47.0033 7152 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:47:47.0049 7152 srvnet - ok
22:47:47.0080 7152 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:47:47.0127 7152 SSDPSRV - ok
22:47:47.0127 7152 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:47:47.0158 7152 SstpSvc - ok
22:47:47.0174 7152 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:47:47.0189 7152 stexstor - ok
22:47:47.0220 7152 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:47:47.0252 7152 stisvc - ok
22:47:47.0267 7152 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:47:47.0267 7152 swenum - ok
22:47:47.0298 7152 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:47:47.0345 7152 swprv - ok
22:47:47.0392 7152 [ A7B18B920901CD5E11B196869C6F9F0E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:47:47.0408 7152 SynTP - ok
22:47:47.0454 7152 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:47:47.0486 7152 SysMain - ok
22:47:47.0501 7152 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:47:47.0532 7152 TabletInputService - ok
22:47:47.0548 7152 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:47:47.0579 7152 TapiSrv - ok
22:47:47.0595 7152 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:47:47.0642 7152 TBS - ok
22:47:47.0704 7152 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:47:47.0735 7152 Tcpip - ok
22:47:47.0782 7152 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:47:47.0829 7152 TCPIP6 - ok
22:47:47.0860 7152 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:47:47.0876 7152 tcpipreg - ok
22:47:47.0891 7152 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:47:47.0907 7152 TDPIPE - ok
22:47:47.0922 7152 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:47:47.0938 7152 TDTCP - ok
22:47:47.0954 7152 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:47:47.0985 7152 tdx - ok
22:47:48.0000 7152 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:47:48.0016 7152 TermDD - ok
22:47:48.0047 7152 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:47:48.0094 7152 TermService - ok
22:47:48.0094 7152 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:47:48.0110 7152 Themes - ok
22:47:48.0141 7152 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:47:48.0172 7152 THREADORDER - ok
22:47:48.0203 7152 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:47:48.0234 7152 TrkWks - ok
22:47:48.0281 7152 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:47:48.0312 7152 TrustedInstaller - ok
22:47:48.0328 7152 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:47:48.0359 7152 tssecsrv - ok
22:47:48.0375 7152 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:47:48.0390 7152 TsUsbFlt - ok
22:47:48.0406 7152 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:47:48.0406 7152 TsUsbGD - ok
22:47:48.0437 7152 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:47:48.0468 7152 tunnel - ok
22:47:48.0468 7152 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:47:48.0484 7152 uagp35 - ok
22:47:48.0500 7152 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:47:48.0546 7152 udfs - ok
22:47:48.0593 7152 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:47:48.0593 7152 UI0Detect - ok
22:47:48.0624 7152 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:47:48.0640 7152 uliagpkx - ok
22:47:48.0656 7152 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:47:48.0656 7152 umbus - ok
22:47:48.0687 7152 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
22:47:48.0687 7152 UmPass - ok
22:47:48.0765 7152 [ D80B1075B69B57A3AB78F750CE463ECE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:47:48.0780 7152 UNS - ok
22:47:48.0812 7152 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:47:48.0843 7152 upnphost - ok
22:47:48.0874 7152 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:47:48.0890 7152 usbccgp - ok
22:47:48.0921 7152 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:47:48.0921 7152 usbcir - ok
22:47:48.0936 7152 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:47:48.0952 7152 usbehci - ok
22:47:48.0983 7152 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:47:48.0999 7152 usbhub - ok
22:47:48.0999 7152 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:47:49.0014 7152 usbohci - ok
22:47:49.0046 7152 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:47:49.0061 7152 usbprint - ok
22:47:49.0077 7152 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:47:49.0092 7152 USBSTOR - ok
22:47:49.0092 7152 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:47:49.0108 7152 usbuhci - ok
22:47:49.0124 7152 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:47:49.0139 7152 usbvideo - ok
22:47:49.0155 7152 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:47:49.0186 7152 UxSms - ok
22:47:49.0233 7152 [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
22:47:49.0248 7152 VAIO Event Service - ok
22:47:49.0326 7152 [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
22:47:49.0358 7152 VAIO Power Management - ok
22:47:49.0358 7152 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:47:49.0373 7152 VaultSvc - ok
22:47:49.0436 7152 [ ADD5A5BA64D0710E1C764A8D4DAD510E ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
22:47:49.0451 7152 VCFw - ok
22:47:49.0514 7152 [ EEE5AD6FB40B35F7867C3A49B98BB4EF ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
22:47:49.0529 7152 VcmIAlzMgr - ok
22:47:49.0576 7152 [ FD5BD55C1854208BC9C51DBCFC3C1941 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
22:47:49.0592 7152 VcmINSMgr - ok
22:47:49.0623 7152 [ 9BC1F203C5604C24F345BCFCD6956BAE ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
22:47:49.0638 7152 VcmXmlIfHelper - ok
22:47:49.0701 7152 [ 9F2D25FA154A32C8C80420A46FBBF815 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
22:47:49.0701 7152 VCService - ok
22:47:49.0732 7152 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:47:49.0732 7152 vdrvroot - ok
22:47:49.0763 7152 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:47:49.0794 7152 vds - ok
22:47:49.0826 7152 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:47:49.0841 7152 vga - ok
22:47:49.0857 7152 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:47:49.0888 7152 VgaSave - ok
22:47:49.0904 7152 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:47:49.0919 7152 vhdmp - ok
22:47:49.0935 7152 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:47:49.0950 7152 viaide - ok
22:47:49.0966 7152 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:47:49.0982 7152 volmgr - ok
22:47:49.0997 7152 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:47:50.0013 7152 volmgrx - ok
22:47:50.0028 7152 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:47:50.0044 7152 volsnap - ok
22:47:50.0091 7152 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:47:50.0106 7152 vsmraid - ok
22:47:50.0169 7152 [ 809E14B31DCB9BA57F700232FB63AB28 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
22:47:50.0200 7152 VSNService - ok
22:47:50.0247 7152 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:47:50.0294 7152 VSS - ok
22:47:50.0372 7152 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
22:47:50.0403 7152 VUAgent - ok
22:47:50.0418 7152 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:47:50.0434 7152 vwifibus - ok
22:47:50.0465 7152 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:47:50.0481 7152 vwififlt - ok
22:47:50.0496 7152 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:47:50.0512 7152 vwifimp - ok
22:47:50.0559 7152 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:47:50.0637 7152 W32Time - ok
22:47:50.0668 7152 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:47:50.0684 7152 WacomPen - ok
22:47:50.0730 7152 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:47:50.0762 7152 WANARP - ok
22:47:50.0762 7152 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:47:50.0793 7152 Wanarpv6 - ok
22:47:50.0855 7152 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:47:50.0886 7152 WatAdminSvc - ok
22:47:50.0933 7152 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:47:50.0964 7152 wbengine - ok
22:47:50.0980 7152 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:47:50.0996 7152 WbioSrvc - ok
22:47:51.0027 7152 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:47:51.0042 7152 wcncsvc - ok
22:47:51.0058 7152 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:47:51.0058 7152 WcsPlugInService - ok
22:47:51.0089 7152 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
22:47:51.0089 7152 Wd - ok
22:47:51.0136 7152 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:47:51.0167 7152 Wdf01000 - ok
22:47:51.0167 7152 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:47:51.0198 7152 WdiServiceHost - ok
22:47:51.0198 7152 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:47:51.0214 7152 WdiSystemHost - ok
22:47:51.0245 7152 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:47:51.0261 7152 WebClient - ok
22:47:51.0276 7152 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:47:51.0308 7152 Wecsvc - ok
22:47:51.0339 7152 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:47:51.0370 7152 wercplsupport - ok
22:47:51.0401 7152 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:47:51.0432 7152 WerSvc - ok
22:47:51.0464 7152 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:47:51.0495 7152 WfpLwf - ok
22:47:51.0526 7152 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:47:51.0526 7152 WIMMount - ok
22:47:51.0542 7152 WinDefend - ok
22:47:51.0557 7152 WinHttpAutoProxySvc - ok
22:47:51.0604 7152 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:47:51.0635 7152 Winmgmt - ok
22:47:51.0698 7152 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:47:51.0744 7152 WinRM - ok
22:47:51.0791 7152 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:47:51.0807 7152 Wlansvc - ok
22:47:51.0869 7152 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:47:51.0869 7152 wlcrasvc - ok
22:47:51.0963 7152 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:47:51.0994 7152 wlidsvc - ok
22:47:52.0025 7152 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:47:52.0025 7152 WmiAcpi - ok
22:47:52.0056 7152 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:47:52.0072 7152 wmiApSrv - ok
22:47:52.0103 7152 WMPNetworkSvc - ok
22:47:52.0119 7152 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:47:52.0134 7152 WPCSvc - ok
22:47:52.0150 7152 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:47:52.0166 7152 WPDBusEnum - ok
22:47:52.0181 7152 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:47:52.0212 7152 ws2ifsl - ok
22:47:52.0228 7152 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
22:47:52.0244 7152 wscsvc - ok
22:47:52.0244 7152 WSearch - ok
22:47:52.0322 7152 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:47:52.0353 7152 wuauserv - ok
22:47:52.0400 7152 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:47:52.0415 7152 WudfPf - ok
22:47:52.0462 7152 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:47:52.0478 7152 WUDFRd - ok
22:47:52.0493 7152 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:47:52.0493 7152 wudfsvc - ok
22:47:52.0524 7152 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:47:52.0540 7152 WwanSvc - ok
22:47:52.0618 7152 [ 74713CB32792F9C7632DAA7DA22CA974 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
22:47:52.0634 7152 ZeroConfigService - ok
22:47:52.0665 7152 ================ Scan global ===============================
22:47:52.0696 7152 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:47:52.0727 7152 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:47:52.0727 7152 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:47:52.0743 7152 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:47:52.0774 7152 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:47:52.0774 7152 [Global] - ok
22:47:52.0774 7152 ================ Scan MBR ==================================
22:47:52.0790 7152 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:47:52.0930 7152 \Device\Harddisk0\DR0 - ok
22:47:52.0930 7152 ================ Scan VBR ==================================
22:47:52.0946 7152 [ 82947831F7C9A487BF59E32E7DD827B6 ] \Device\Harddisk0\DR0\Partition1
22:47:52.0946 7152 \Device\Harddisk0\DR0\Partition1 - ok
22:47:52.0961 7152 [ EE59F1C4E4778248B84F46B0D7F06853 ] \Device\Harddisk0\DR0\Partition2
22:47:52.0961 7152 \Device\Harddisk0\DR0\Partition2 - ok
22:47:52.0977 7152 [ E4AD0E98DF70F1B0B419D7EBEBD0A781 ] \Device\Harddisk0\DR0\Partition3
22:47:52.0977 7152 \Device\Harddisk0\DR0\Partition3 - ok
22:47:52.0992 7152 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
22:47:52.0992 7152 \Device\Harddisk0\DR0\Partition4 - ok
22:47:53.0008 7152 [ 4F03F06F7D12262502ABEF96473520A6 ] \Device\Harddisk0\DR0\Partition5
22:47:53.0008 7152 \Device\Harddisk0\DR0\Partition5 - ok
22:47:53.0008 7152 ============================================================
22:47:53.0008 7152 Scan finished
22:47:53.0008 7152 ============================================================
22:47:53.0008 0916 Detected object count: 1
22:47:53.0008 0916 Actual detected object count: 1
22:48:07.0282 0916 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:48:07.0282 0916 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:48:10.0776 6384 Deinitialize success
Danke für deine Hilfe! MS |
|
25.04.2013, 11:18
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yahoo.com plötzlich als Startseite Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.04.2013, 16:46
| #8 |
| | Yahoo.com plötzlich als Startseite Hi, hier die Logdateien: 1. Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.04.25.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16540 ms :: BOERTA [Administrator] 25.04.2013 14:42:17 mbam-log-2013-04-25 (14-42-17).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 214414 Laufzeit: 5 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c9f3f901e755de4c9caea55d150933f2
# engine=13693
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-25 03:32:48
# local_time=2013-04-25 05:32:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 31939995 118533818 0 0
# scanned=203170
# found=0
# cleaned=0
# scan_time=8893
Scheint für das Laienauge gut zu sein! Was sagst du? Danke, MS. |
|
25.04.2013, 21:50
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yahoo.com plötzlich als Startseite Sieht soweit ok aus  Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.04.2013, 17:35
| #10 |
| | Yahoo.com plötzlich als Startseite Es gibt zur Zeit keine erkennbaren Probleme mehr! Danke für deine Tips! Ich habe MVPS installiert und werde mir den Rest noch anschauen. Ich verstehe nur nicht...Hatte ich ein Problem mit Cookies? Ich dachte, ich hätte mir irgendeine Malware bei einem Download mit runter geladen? Kann ich dagegen irgendwie vorbeugen...außer nur von vertrauenswürdigen Seiten runterladen? Ich dachte, das hätte ich getan. Aber anscheinend habe ich mich geirrt. Herzlichen Dank nochmal für deine Hilfe! MS. |
|
26.04.2013, 22:57
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yahoo.com plötzlich als Startseite Dann wären wir durch! Falls du noch Lob oder Kritik loswerden möchtest => http://www.trojaner-board.de/lob-kritik-wuensche/ Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Combofix entfernen (nur relevant wenn es hier benutzt wurde!) : Start/Ausführen (Tastenkombination WIN+R), dort den Befehl combofix /uninstall eintippen und ausführen Mit Hilfe von OTL kannst du auch viele andere Tools entfernen: Starte dazu einfach OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.04.2013, 00:48
| #12 |
| | Yahoo.com plötzlich als Startseite Spitze, danke! Natürlich werde ich noch Feedback abgeben und das Forum diesmal auch finanziell unterstützen. Bei der Frequenz mit der ich euch behellige, ist das durchaus angebracht! Dann mach ich mich mal an deine weiteren Sicherheitstips und hoffe, dass ich mich nicht sobald wieder melden muss! LG MS.  |
|
29.04.2013, 15:34
| #13 |
| | Yahoo.com plötzlich als Startseite Hallo cosinus, ich muss mich leider nochmal melden. Ich weiß gar nicht, ob das Thema "beendet" ist und damit nicht mehr beachtet wird, aber ich probier es mal. Das "Yahoo"-Ding bin ich offensichtlich immer noch nicht los. Ich hab heute eine Url ohne .com eingegeben. Ich wurde sofort auf die Yahoo-Suchseite weitergeleitet. Ich habe es jetzt erst bemerkt, weil ich meine gesamten Verlauf, Cookies, Anmeldungsdaten etc gelöscht habe und die Autovervollständigung nicht mehr möglich war. Zuvor wurde ich in solchen Fällen auf die Google-Seite weitergeleitet. Was kann da sein? Was soll ich noch machen! LG MS. |
|
29.04.2013, 15:37
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Yahoo.com plötzlich als Startseite Klick doch mal im Suchfeld auf den kleinen Pfeil neben der eigestellten Suchmaschine und dann Suchmaschinen verwalten...dort yahoo rausnehmen wenns denn so nervt!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.04.2013, 15:43
| #15 |
| | Yahoo.com plötzlich als Startseite Wow, das ging ja schnell. Wegen Nerven wärs nicht...Ich hab nur Sorge, etwas zurück behalten zu haben. Bei diesem Suchfeld habe ich Yahoo schon entfernt, bevor ich diesen Thread gestartet habe. Sofort nachdem ich Unregelmäßigkeiten bemerkt habe. Yahoo wird dort auch nicht mehr als Suchmaschine gelistet. Wenn du meinst, das macht nichts, ist es mir egal, dann lass ich es einfach so, aber ich habe ein gewisses Misstrauen bei der Verwendung meines Rechners. Ich weiß ja nicht, was sich da alles noch verstecken kann. Jedenfalls danke für Deine Hilfe! MS. |
|
| Themen zu Yahoo.com plötzlich als Startseite |
| adobe, adobe flash player, application/pdf:, autorun, bho, bingbar, error, escan, firefox, flash player, format, harddisk, home, igdpmd64.sys, leitet, logfile, microsoft, monitor.exe, plug-in, programme, prozess, realtek, registry, security, senden, spyware, taskhost.exe, temp, tracker, usb, wildtangent games, windows, yahoo toolbar, yahoo.com |
Linear-Darstellung
