| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Delta Search zu 100% entfernen!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.04.2013, 22:05
| #1 |
 |  Delta Search zu 100% entfernen! Hallo, Ich hab mir "Delta Search" eingefangen. Ich habe natürlich sofort die 2 Programme in der Leiste "Programme und Funktionen" deinstalliert. Nun taucht bei mir Delta Search nicht mehr auf wenn ich Mozilla Firefox öffne, aber in Google Chrome schon! Bitte um Hilfe. Ich habe Windows 8. Geändert von Kolle64 (30.04.2013 um 22:09 Uhr) Grund: fehler |
|
01.05.2013, 09:35
| #2 | ||
| /// TB-Ausbilder   | Delta Search zu 100% entfernen! Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Zitat:
Zitat:
Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop (falls noch nicht vorhanden).
Code:
ATTFilter activex
msconfig
CREATERESTOREPOINT
Bitte poste mit deiner nächsten Antwort
|
|
01.05.2013, 10:52
| #3 |
| | Delta Search zu 100% entfernen!Code:
ATTFilter # AdwCleaner v2.300 - Datei am 01/05/2013 um 11:45:11 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzer : Marco - VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marco\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\b952fzgu.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\b952fzgu.default\searchplugins\delta.xml
Ordner Gelöscht : C:\Program Files (x86)\hdvidcodec.com
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\Users\Marco\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
Ordner Gelöscht : C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\b952fzgu.default\jetpack
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5e08d8db66fbe49
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=56CDA41731C8BC70 --> hxxp://www.google.com
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\b952fzgu.default\prefs.js
C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\b952fzgu.default\user.js ... Gelöscht !
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "56cd2cb8000000000000000000000000");
Gelöscht : user_pref("extensions.delta.instlDay", "15825");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1621:34:49");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
-\\ Google Chrome v26.0.1410.64
Datei : C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.39] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Gelöscht [l.42] : keyword = "delta-search.com",
Gelöscht [l.46] : search_url = "hxxp://www2.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=[...]
Gelöscht [l.2258] : homepage = "hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=56CDA41731C8BC70",
Gelöscht [l.2867] : urls_to_restore_on_startup = [ "hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrI[...]
*************************
AdwCleaner[S1].txt - [4175 octets] - [01/05/2013 11:45:11]
########## EOF - C:\AdwCleaner[S1].txt - [4235 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.3 (04.29.2013:2)
OS: Windows 8 x64
Ran by Marco on 01.05.2013 at 11:55:29,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Windows\prefetch\MYBABYLONTB.EXE-9549D72B.pf
Successfully deleted: [File] C:\Windows\prefetch\APNSTUB.EXE-9F89068D.pf
~~~ Folders
~~~ FireFox
Successfully deleted: [File] C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\b952fzgu.default\invalidprefs.js
Emptied folder: C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\b952fzgu.default\minidumps [6 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.05.2013 at 11:59:54,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter OTL logfile created on: 01.05.2013 12:03:43 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marco\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,95 Gb Total Physical Memory | 6,61 Gb Available Physical Memory | 83,13% Memory free 15,95 Gb Paging File | 14,38 Gb Available in Paging File | 90,15% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 901,66 Gb Total Space | 806,87 Gb Free Space | 89,49% Space Free | Partition Type: NTFS Drive D: | 5,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: VAIO | User Name: Marco | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.01 12:01:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe PRC - [2013.04.22 16:49:55 | 004,288,048 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe PRC - [2013.03.19 08:12:28 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.08.18 06:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe PRC - [2012.08.18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe PRC - [2012.08.18 01:04:28 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe PRC - [2012.08.13 17:27:08 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2012.08.07 12:27:16 | 000,078,352 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe PRC - [2012.08.06 19:54:48 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.08.06 19:53:51 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.08.06 19:52:02 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012.08.06 19:43:50 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012.08.06 13:27:08 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe PRC - [2012.07.27 16:08:52 | 000,474,208 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe PRC - [2012.07.27 16:03:40 | 000,724,576 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe ========== Modules (No Company Name) ========== MOD - [2013.04.22 16:49:55 | 004,288,048 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe MOD - [2012.08.06 13:27:08 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe MOD - [2012.06.08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ========== Services (SafeList) ========== SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe /McCoreSvc -- (McOobeSv2) SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2012.11.06 06:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2012.08.20 19:34:18 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012.08.06 13:27:08 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:64bit: - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV - [2013.04.15 17:49:59 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.13 10:59:43 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.02.04 16:39:18 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.10.26 10:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent) SRV - [2012.10.12 14:02:44 | 000,054,760 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2012.08.18 06:36:14 | 000,623,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport) SRV - [2012.08.18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service) SRV - [2012.08.13 18:24:56 | 000,211,584 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2012.08.13 17:27:08 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent) SRV - [2012.08.08 11:56:22 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2012.08.08 11:56:18 | 000,460,512 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2012.08.08 11:23:30 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2012.08.08 11:23:30 | 000,078,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2012.08.06 19:54:48 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.08.06 19:53:51 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.08.06 19:52:02 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012.08.06 19:43:50 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012.07.27 16:08:52 | 000,474,208 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2012.07.26 19:05:56 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012.07.19 19:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2012.06.29 13:14:20 | 000,243,728 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124) SRV - [2012.04.20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2011.12.01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2013.03.02 12:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:64bit: - [2013.02.26 15:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013.02.26 15:56:51 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013.02.26 15:56:51 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2012.08.24 17:46:51 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012.08.21 19:07:35 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2012.08.21 19:04:57 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:64bit: - [2012.08.20 19:38:28 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService) DRV:64bit: - [2012.08.20 19:34:37 | 010,280,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.08.20 19:34:37 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.08.20 18:04:39 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr) DRV:64bit: - [2012.08.13 18:05:06 | 000,567,808 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2012.08.13 18:05:04 | 000,427,416 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_vdp.sys -- (BTATH_VDP) DRV:64bit: - [2012.08.13 18:05:04 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2012.08.13 18:05:02 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2012.08.13 18:05:00 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2012.08.13 18:05:00 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt) DRV:64bit: - [2012.08.13 18:05:00 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2012.08.13 18:05:00 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2012.08.13 18:04:58 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2012.08.06 19:48:09 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.07.26 20:05:54 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV:64bit: - [2012.07.26 19:06:29 | 000,339,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum) DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2012.07.11 14:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2012.06.25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV:64bit: - [2012.06.11 04:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\sows.sys -- (SOWS) DRV:64bit: - [2012.06.02 16:31:39 | 000,283,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1y60x64.sys -- (e1yexpress) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu [binary data] IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu [binary data] IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\..\SearchScopes\{98223153-8B48-4A67-B31E-DBC10729C0F4}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\..\SearchScopes\{DABE947E-26C9-48C2-9AD2-3D52CC9922E8}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms} IE - HKU\S-1-5-21-1480336447-959120865-3428270007-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 10:59:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 10:59:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.26 03:26:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions [2013.04.30 22:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\b952fzgu.default\extensions [2013.04.06 20:10:45 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\b952fzgu.default\extensions\ich@maltegoetz.de [2013.04.17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\b952fzgu.default\extensions\hdvc@hdvc.com.xpi [2013.04.04 00:17:37 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\b952fzgu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.04.13 10:59:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.13 10:59:43 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe () O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-1480336447-959120865-3428270007-1001..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKU\S-1-5-21-1480336447-959120865-3428270007-1001..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKU\S-1-5-21-1480336447-959120865-3428270007-1001..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E56B4C1-2020-4C70-B7DC-13DB4E1669BD}: NameServer = 213.157.0.193 213.157.0.194 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79BDA720-D8DD-4639-B669-9A126DEEA3FB}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{964CD537-089F-4B54-9644-B92070974B18}: DhcpNameServer = 192.168.43.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.01.31 23:20:39 | 000,055,616 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2013.01.31 20:28:14 | 000,000,049 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{8f2761a9-252e-11e2-be69-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8f2761a9-252e-11e2-be69-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2013.01.31 23:20:39 | 000,055,616 | R--- | M] (Electronic Arts) O33 - MountPoints2\{b6d7416e-a2b3-11e2-be85-a41731c8bc70}\Shell - "" = AutoRun O33 - MountPoints2\{b6d7416e-a2b3-11e2-be85-a41731c8bc70}\Shell\AutoRun\command - "" = "E:\Startme.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {74166507-F39E-305E-A972-2C3478E47350} - .NET Framework ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {3A8403F3-90B5-35DC-8926-EB9B907209F9} - .NET Framework ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1 [2013.05.01 12:01:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2013.05.01 11:55:27 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.05.01 11:55:16 | 000,000,000 | ---D | C] -- C:\JRT [2013.05.01 11:54:11 | 000,545,926 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Marco\Desktop\JRT.exe [2013.05.01 10:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.01 10:23:45 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.05.01 10:23:42 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.05.01 10:23:42 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.05.01 10:23:42 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.05.01 10:23:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013.04.27 18:39:52 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Avira [2013.04.27 18:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.04.27 18:34:00 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.04.27 18:34:00 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.04.27 18:34:00 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.04.27 18:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.04.27 18:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.04.22 20:15:41 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\LolClient [2013.04.22 19:08:47 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2013.04.22 19:08:47 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2013.04.22 19:08:46 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2013.04.22 19:03:43 | 000,000,000 | ---D | C] -- C:\Riot Games [2013.04.22 16:53:09 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\League of Legends [2013.04.22 16:50:05 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\PMB Files [2013.04.22 16:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2013.04.22 16:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2013.04.22 16:49:09 | 000,000,000 | ---D | C] -- C:\Users\Marco\.swt [2013.04.16 13:37:08 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Origin [2013.04.16 13:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2013.04.16 13:36:46 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Origin [2013.04.16 13:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2013.04.16 13:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2013.04.16 13:28:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2013.04.13 20:04:05 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll [2013.04.13 20:03:59 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.04.13 20:03:57 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll [2013.04.13 20:03:55 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll [2013.04.13 20:03:50 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll [2013.04.13 20:03:49 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.04.13 20:03:49 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll [2013.04.13 20:03:48 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll [2013.04.13 20:03:47 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BCP47Langs.dll [2013.04.13 20:03:47 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys [2013.04.13 20:03:46 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2013.04.13 20:03:45 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll [2013.04.13 20:03:44 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll [2013.04.13 20:03:44 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll [2013.04.13 20:03:43 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2013.04.13 20:03:43 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll [2013.04.13 20:03:43 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\BCP47Langs.dll [2013.04.13 20:03:42 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.04.13 20:03:42 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll [2013.04.13 20:03:41 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.04.13 20:03:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll [2013.04.13 20:03:40 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.04.13 20:03:40 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2013.04.13 20:03:40 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TimeBrokerServer.dll [2013.04.13 20:03:39 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll [2013.04.13 20:03:38 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll [2013.04.13 20:03:38 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll [2013.04.13 20:03:37 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll [2013.04.13 20:03:37 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll [2013.04.13 20:03:36 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2013.04.13 20:03:36 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll [2013.04.13 20:03:36 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll [2013.04.13 20:03:35 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll [2013.04.13 20:03:35 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.04.13 20:03:34 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll [2013.04.13 20:03:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2013.04.13 20:03:32 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll [2013.04.13 20:03:32 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\discan.dll [2013.04.13 20:03:32 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013.04.13 20:03:30 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2013.04.13 20:03:30 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS [2013.04.13 20:03:30 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys [2013.04.13 20:03:29 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys [2013.04.13 20:03:29 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NdisImPlatform.dll [2013.04.13 20:03:29 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2013.04.13 20:03:28 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys [2013.04.13 20:03:28 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys [2013.04.13 20:03:28 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storahci.sys [2013.04.13 20:03:27 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl [2013.04.13 20:03:27 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl [2013.04.13 20:03:27 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys [2013.04.13 20:03:26 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll [2013.04.13 20:03:26 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe [2013.04.13 20:03:25 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhostex.exe [2013.04.13 20:03:25 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDPrintProxy.DLL [2013.04.13 20:03:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll [2013.04.13 20:03:24 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll [2013.04.13 20:03:24 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2013.04.13 20:03:24 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncInfo.dll [2013.04.13 20:03:23 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.04.13 20:03:22 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll [2013.04.13 20:03:22 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2013.04.13 20:03:22 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2013.04.13 20:03:20 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2013.04.13 20:03:20 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2013.04.13 20:03:19 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll [2013.04.13 10:59:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.04.11 21:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2013.04.11 21:10:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2013.04.10 14:09:25 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\Sky [2013.04.09 20:50:26 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.04.09 20:50:17 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013.04.09 20:50:16 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.04.09 20:50:16 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.04.09 20:50:14 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.04.09 20:50:13 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.04.09 20:50:11 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.04.09 20:50:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.04.09 20:50:10 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.04.09 20:50:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.04.09 20:47:25 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.04.09 20:47:15 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll [2013.04.09 20:47:15 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll [2013.04.07 18:57:53 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Adobe [2013.04.07 14:38:47 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\Praktikum [2013.04.05 23:53:48 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\GTA San Andreas User Files [2013.04.05 23:53:47 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2013.04.05 23:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2013.04.05 23:31:38 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\GTA - San Andreas [2013.04.02 21:43:11 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care [2013.04.02 00:31:28 | 000,000,000 | ---D | C] -- C:\Windows\Minidump ========== Files - Modified Within 30 Days ========== [2013.05.01 12:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.01 12:01:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2013.05.01 11:54:12 | 000,545,926 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Marco\Desktop\JRT.exe [2013.05.01 11:50:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.01 11:48:40 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.01 11:48:17 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.05.01 11:48:08 | 2532,749,311 | -HS- | M] () -- C:\hiberfil.sys [2013.05.01 11:45:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.01 11:42:40 | 000,628,743 | ---- | M] () -- C:\Users\Marco\Desktop\adwcleaner.exe [2013.05.01 10:23:36 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013.05.01 10:23:36 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013.05.01 10:23:36 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013.05.01 10:23:36 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.05.01 10:23:36 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.05.01 10:23:36 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.27 18:34:09 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.04.23 21:02:47 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.23 21:02:47 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.23 21:02:47 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.23 21:02:47 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.23 21:02:47 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.22 19:08:48 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2013.04.12 21:47:19 | 657,116,322 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.04.12 17:29:33 | 000,422,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.03 00:08:01 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.03 00:08:01 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl ========== Files Created - No Company Name ========== [2013.05.01 11:42:36 | 000,628,743 | ---- | C] () -- C:\Users\Marco\Desktop\adwcleaner.exe [2013.04.27 18:34:09 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.04.22 19:08:48 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2013.04.13 20:03:19 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013.04.12 17:29:20 | 000,422,216 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.02 21:43:10 | 000,002,017 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk [2013.04.02 11:39:56 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.02 00:31:05 | 657,116,322 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.03.26 23:39:07 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2013.03.23 23:30:41 | 000,000,060 | ---- | C] () -- C:\Windows\wininit.ini [2012.11.03 00:28:20 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2012.11.02 23:03:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.08.21 23:56:24 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.08.21 23:56:24 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.08.21 23:56:24 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2013.03.28 15:24:13 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Custom Scans ========== < > < End of report > Code:
ATTFilter OTL Extras logfile created on: 01.05.2013 12:03:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marco\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,95 Gb Total Physical Memory | 6,61 Gb Available Physical Memory | 83,13% Memory free
15,95 Gb Paging File | 14,38 Gb Available in Paging File | 90,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 901,66 Gb Total Space | 806,87 Gb Free Space | 89,49% Space Free | Partition Type: NTFS
Drive D: | 5,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: VAIO | User Name: Marco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1480336447-959120865-3428270007-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013A8D79-6A1F-41C1-8A2D-5C4CA6215FA6}" = dir=out | name=mcafee security advisor for sony |
"{0294D880-F5AD-477D-B70B-0A08842419D9}" = dir=out | name=microsoft minesweeper |
"{03305BC6-51E6-47A5-A6ED-2404A0AD74AD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{0E79F294-68D4-4AB0-9A0C-CC7A757EB9C9}" = dir=out | name=microsoft solitaire collection |
"{120B0BC3-81AA-4E14-AB91-EDC20DA9487F}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{24CDA0E7-6D44-458E-A871-B2D1394DEFC0}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{2967B6DB-CC11-463B-95E5-CDF8444E7C5C}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{2D749DDC-B43D-49EA-93D4-4A13507CFDAD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3161BB44-B615-4F36-A1E3-77FEEECE6223}" = dir=out | name=ebay |
"{32EAB6B5-CE52-4D17-911A-965A21C01458}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{3B9BFA27-0700-4F3F-8FDC-4D543402E272}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3CBFFABD-1983-486A-A050-0F582C7B9B8C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{413C468C-9493-44B3-871B-C25C12AEC7D8}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4558B196-9202-49A7-9D18-462CC7186598}" = dir=out | name=vaio care |
"{47258C51-B435-47D7-B541-A3FEF4FD8153}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{47742587-FAC8-4335-86DA-EB968014DC4D}" = dir=in | name=vaio care |
"{4B3607BF-2454-41FE-9524-9794CC15FC88}" = dir=out | name=- games app - |
"{4E9D2D91-FC5B-44FA-8B01-98EC37A0C9AC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{56062B1F-1241-40C4-8367-D5D18D4E94AE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{57C55351-58BD-42EA-97DC-077E437FE9E5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5F07067F-0D83-407D-93C5-C6E1B4EB321F}" = dir=out | name=vaio message center |
"{60F11EFD-C078-4CDC-99F8-17DBCAFF666B}" = dir=out | name=skype |
"{61A65634-602B-408E-8993-1358CF2DAEAD}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{6CA69DC5-F564-49D5-95AE-09E64D6B74AF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8C30EFD0-D866-477F-A86F-9A12931CD85C}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8CF99E68-D8C0-4DBA-9D3C-2475607C3708}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{921D3388-227D-41A9-9D67-BAC5B78B2C71}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{929D3C6D-13D3-477C-97D7-9AE63D32F54F}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9460AC59-A02F-4A98-A604-345AFB0BE0CE}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{9768916F-5CE3-4539-828D-59644DEC29AE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe |
"{98A313FE-529F-432A-830B-26E734789D6C}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{B31BD297-3B45-494F-9D4F-518028CB9B20}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{B6DD4179-6205-4859-B6EE-69355B18ECD7}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C86ABF8C-0781-48F6-A910-6ACB1B3E77A7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{CAAE9C61-ECBB-422C-9DBC-64E22766BC6A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CDF66CBC-5FBC-44A9-BC8A-005AEE053670}" = dir=out | name=wordament |
"{D09C727C-25D2-4890-93A8-AFEFEED453DE}" = dir=in | name=skype |
"{D3EE52FD-1507-4B2E-9C73-33445C70B0D3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{D4D09670-6537-4123-A9C1-E2DCC5B0D85A}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D7F698A1-7FFE-434C-88F9-4984C3B578C5}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{DCB97DDF-93CF-472D-A564-33852CCC8D47}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{DE7B9636-CF3E-4877-8DB8-34C0294FCBE4}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E2E6E2D7-01B0-4176-8978-C269B7493DFE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EB2533D0-DB58-485F-828C-22450D85CAE2}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{EBB11244-1015-430F-8EB4-27A835B1C8C6}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{EE26B9A2-4A0C-4C46-ABA9-2E25CE8E73CB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 2070\initengine.exe |
"{F51196D3-DCEA-4931-BF50-43CFD173FF76}" = dir=out | name=taptiles |
"{F9290514-2153-497E-A7CB-42AC8D208D05}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{FD0788A1-448E-474E-8C23-3D42E215B04B}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FDBA8DC2-7902-451B-8BB4-270BCFED7F60}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 |
"{FFCD581E-C6ED-40B5-BF2E-15D7F4613B25}" = dir=in | name=ebay |
"TCP Query User{E6E7C60C-1F1C-4D7F-AAC5-390F18638970}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{295A4F3A-C38D-4D08-AF31-F8FC55FFA1BD}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{563F8449-4B3A-97E2-7A81-4F759B839A24}" = ccc-utility64
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AF091FA7-20BF-49D4-4C98-4E4AD04D6FB3}" = AMD Catalyst Install Manager
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}" = VAIO Care
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{213A3194-8823-AF6B-C337-7F30BFDF6E24}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316417DF-A8D7-7205-62E1-936888623793}" = CCC Help Finnish
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F2023E0-E239-2949-FE8F-109AE94F6FEE}" = CCC Help Japanese
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D189642-1AEE-FF5C-C22B-C475E8F5277E}" = CCC Help Czech
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59CBE755-0DB7-6D38-7844-D3F64C02C276}" = CCC Help French
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{628B0EA5-5DDA-8B14-564C-4118AD6BB510}" = CCC Help Chinese Standard
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6422F3DE-C1B3-D119-CD48-2C5DC279848F}" = CCC Help Norwegian
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6E9E809C-11A1-8200-EC5C-11F6BF9AF20A}" = CCC Help German
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7F6E0234-231C-49C5-AB31-6BAB49E3C3A4}" = Catalyst Control Center - Branding
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{97104137-F5C1-2942-D133-7C2270A86522}" = CCC Help Italian
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC49216-ACA9-20FA-E3B9-0086E068A54E}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A5FBFE07-B781-EFFB-35DF-257FF747FA31}" = CCC Help Russian
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.6) MUI
"{AD987AA5-9763-8B69-8DB3-7F89C4FE1E8A}" = CCC Help Hungarian
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B27588E3-A374-CC37-B0C1-3CB424620019}" = CCC Help Turkish
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B8D91D32-0820-4D76-8D95-2EB69392BA08}" = CCC Help Portuguese
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C37139BF-04DB-DF3C-19A4-99A5516C1507}" = CCC Help Chinese Traditional
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{CA17221C-586B-89E0-66CB-DA5C050BFB22}" = Catalyst Control Center Localization All
"{CD650B6A-FE79-40E0-A069-299CF6575E6B}" = XperiaLinkx86
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D8B63B13-8508-596F-8160-ACEA2FA39FA5}" = Catalyst Control Center Graphics Previews Common
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{D96F904B-1145-83E2-09B3-12153541EAF7}" = CCC Help Dutch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5D82C0C-4AD7-5CC5-942C-72B749EFEE0D}" = CCC Help Korean
"{E64E9130-B2DD-3124-07BD-B767D51FDB8A}" = CCC Help Thai
"{E8597443-184D-4531-EEAE-211698F90205}" = CCC Help Danish
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EF0ACDFD-39CB-396F-1F23-EC861885DA29}" = CCC Help Polish
"{EFFEE375-EC29-15A3-5DB0-41658D9BB10C}" = CCC Help English
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.136
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = Die Sims™ 3 Wildes Studentenleben
"{F4D2A254-F2AE-EDE4-3CD2-AD8BDCC0B255}" = CCC Help Swedish
"{F7F163E1-4BF4-E56B-E400-B97D362E17CC}" = Catalyst Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FC520B48-BFFC-A91F-64D5-213EFD759783}" = CCC Help Greek
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Google Chrome" = Google Chrome
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Intel AppUp(SM) center 38645" = Intel AppUp(SM) center
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Origin" = Origin
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WTA-0f56e254-68d4-4126-a56d-32b5f8b500ca" = Heroes of Hellas 3: Athens
"WTA-1af59162-2189-4f37-8370-f8c94bd88eab" = Build-a-lot: On Vacation
"WTA-3660a80f-ae89-4050-b879-933547ca8b1d" = FATE
"WTA-400fae58-a2db-44c3-bb66-e48284dbfc2a" = Agatha Christie - Death on the Nile
"WTA-487c957c-7554-42f0-8c3e-b2dd21754e67" = Mystery of Mortlake Mansion
"WTA-4b93e960-f331-4090-b337-96277f19576f" = Cradle Of Egypt Collector's Edition
"WTA-55c22e74-0ecc-435c-a90d-eee2034c981b" = Bejeweled 3
"WTA-6b306f3b-5dba-44f8-9bdc-d3b4e672dc95" = Mystery P.I. - The London Caper
"WTA-8ab2e6d4-c776-45b8-aa48-daf7c0824393" = Mahjongg Artifacts
"WTA-96c0f6a5-cfba-44ae-aeca-3e1e621333b7" = Plants vs. Zombies - Game of the Year
"WTA-c0997165-55cf-48c0-afdc-370d47be4214" = Polar Bowler
"WTA-c5a72914-23e7-415f-ac69-7cc95bc3328f" = Chuzzle Deluxe
"WTA-d0f17585-3960-44cb-9c74-a467be007a26" = Chronicles of Albian
"WTA-da8944bc-6b63-49c1-9114-ddf656ba2a64" = Aloha TriPeaks
"WTA-e6f8b26c-96a1-4abc-8df5-3bf0461d430d" = Luxor HD
"WTA-fb282264-4b05-4819-936a-7e4ef28cce22" = Virtual Villagers 4 - The Tree of Life
< End of report >
|
|
01.05.2013, 11:33
| #4 |
| /// TB-Ausbilder | Delta Search zu 100% entfernen! Servus, sehr gut gemacht. Wir spüren noch die letzten Reste auf, damit wir sie entfernen können: Schritt 1 Lade SystemLook von jpshortstuff vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop. SystemLook (64 bit)
Schritt 2
Bitte poste mit deiner nächsten Antwort
|
|
01.05.2013, 14:44
| #5 |
| | Delta Search zu 100% entfernen!Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 15:31 on 01/05/2013 by Marco
Administrator - Elevation successful
========== filefind ==========
Searching for "*babylon*"
C:\Users\Marco\AppData\Local\Temp\D60F1AD6-BAB0-7891-A3BE-B890FA835EA5\MyBabylonTB.exe --a---- 1953504 bytes [12:56 08/04/2013] [12:56 08/04/2013] 8579A1F1CA46DAAD932A147F7AFCED5C
C:\Users\Marco\Music\Celo Abdi - mietwagentape\11 - Capo - OF Babylon (prod. by Razor).mp3 --a---- 3100692 bytes [08:55 25/03/2013] [06:47 14/01/2011] 9EEFA7BF6940BEC2C638E92379B34EBE
Searching for "*hdvidcodec*"
C:\Windows\Prefetch\HDVIDCODEC.TMP-78ADD8C6.pf --a---- 102634 bytes [19:35 30/04/2013] [19:35 30/04/2013] 576D9960BB809F4F9C47F7340DFBDC15
Searching for "*BrowserProtect*"
No files found.
Searching for "*DataMngr*"
No files found.
Searching for "*delta-search*"
No files found.
========== folderfind ==========
Searching for "*babylon*"
No folders found.
Searching for "*hdvidcodec*"
No folders found.
Searching for "*BrowserProtect*"
No folders found.
Searching for "*DataMngr*"
No folders found.
Searching for "*delta-search*"
No folders found.
========== regfind ==========
Searching for "babylon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}]
"DllName"="BabylonToolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}]
"DllName"="BabylonToolbarTlbr.dll"
Searching for "hdvidcodec"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com\HDVidCodec.lnk C:\Program Files (x86)\hdvidcodec.com\HDVidCodec.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli]
"path"="C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx"
[HKEY_USERS\S-1-5-21-1480336447-959120865-3428270007-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com\HDVidCodec.lnk C:\Program Files (x86)\hdvidcodec.com\HDVidCodec.exe"
Searching for "BrowserProtect"
No data found.
Searching for "DataMngr"
No data found.
Searching for "delta-search"
No data found.
Searching for " "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{45057FCE-5784-48BE-8176-D9D00AF56C3C}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
<Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
<Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
<Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
<Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
<Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{CEC5DB5A-B4C9-4809-96C6-39CE715E4790}">
<Descriptor descriptorID="{9C8680ED-C0A6-4700-ACDF-B24C979511E0}"/>
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{768BD93D-63BE-46A9-89
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\Games\{FF236D35-9C60-4621-ACFC-4C7F565B3C08}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{EC290BBB-D618-4cb9-9963-1CAAE515443E}" ratingID="{068D40C4-7809-4c67-8FEA-DA457CF990B4}"/>
<Rating ratingSystemID="{9AAFBACD-EAB9-4946-8BE8-C4D997927C81}" ratingID="{F7066480-67CC-4697-9B47-7E534B74089D}">
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{5B39D1B8-ED49-4055-8A47-04B29A579AD6}" ratingID="{9AE7AC26-0F9A-4f59-A167-00E4F6C96E26}">
<Descriptor descriptorID="{F110F831-9412-40c9-860A-B489407ED374}"/>
</Rating>
<Rating ratingSystemID="{C705DCF4-6AFE-4f4f-BC51-21807E4E5CFB}" ratingID="{6948F4DF-FD98-41ea-979A-8364043D7FD6}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{97D9239C-2BA
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-1480336447-959120865-3428270007-1001\{3E4A0F3C-98A6-493D-BDBD-F6A3DE9A9E9D}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{9DD9B30C-E89F-4d1c-AEC4-174D7432C39B}">
<Descriptor descriptorID="{1A796A5D-1E25-4862-9443-1550578FF4C4}"/>
</Rating>
<Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}">
<Descriptor descriptorID="{2EE62B22-15EE-4f18-8F72-1CB2730D2942}"/>
</Rating>
<Rating ratingSystemID="{B305AB16-9FF2-40f5-A65
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-1480336447-959120865-3428270007-1001\{45CE9C80-CE22-44C0-A464-29D50ADC28A5}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
<Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
</Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-1480336447-959120865-3428270007-1001\{56E97450-9A4F-4379-91B2-E0A845FF2B69}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
<Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
</Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-1480336447-959120865-3428270007-1001\{CF578524-2032-49D7-8F51-78B59A1D816B}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
<Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
</Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/> </Reso
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="28800" RunAsUser="" RunAsPassword="" AutoRestart="false" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/> <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/> <Param Name="SessionConfigurationData" Value="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>
-= EOF =-
"Es sind keine Erweiterungen vorhanden :-( Möchten Sie sich jetzt in der Galerie umsehen?" Noch eine Frage: War das schlimm das bei Suchmaschinen verwalten der Delta Search aufgetaucht ist? (Habe ihn wie beschrieben mit einem x weggemacht) Geändert von Kolle64 (01.05.2013 um 14:47 Uhr) Grund: frage |
|
01.05.2013, 18:15
| #6 | |
| /// TB-Ausbilder | Delta Search zu 100% entfernen! Servus, Zitat:
Wir entfernen jetzt noch ein paar Reste: Schritt 1 Fixen mit OTL
Code:
ATTFilter :OTL
[2013.04.17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\b952fzgu.default\extensions\hdvc@hdvc.com.xpi
:files
C:\Users\Marco\AppData\Local\Temp\D60F1AD6-BAB0-7891-A3BE-B890FA835EA5
:Commands
[emptytemp]
Schritt 2 Bitte lade dir ZOEK auf deinen Desktop und starte es.
Wie läuft dein Rechner momentan? Taucht Delta-Search noch auf? Wenn ja, in welchem Browser? Bitte poste mit deiner nächsten Antwort
|
|
03.05.2013, 15:36
| #7 |
| | Delta Search zu 100% entfernen!Code:
ATTFilter :OTL
[2013.04.17 15:50:46 | 000,201,930 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\b952fzgu.default\extensions\hdvc@hdvc.com.xpi
:files
C:\Users\Marco\AppData\Local\Temp\D60F1AD6-BAB0-7891-A3BE-B890FA835EA5
:Commands
[emptytemp]
|
|
03.05.2013, 15:45
| #8 |
| /// TB-Ausbilder | Delta Search zu 100% entfernen! Servus, lies dir bitte meine Anleitung nochmal genau durch und führe den OTL-Fix wie beschrieben aus. |
|
03.05.2013, 15:46
| #9 |
| | Delta Search zu 100% entfernen! Die untere Anleitung oder? Hier sind die von zoek Code:
ATTFilter Zoek.exe Version 4.0.0.2 Updated 30-04-2013
Tool run by Marco on 03.05.2013 at 16:39:36,60.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Batch Command(s) Run By Tool======================
C:\Windows\system32\appdata deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\b952fzgu.default
- ProxTube - Gesperrte YouTube Videos entsperren - %ProfilePath%\extensions\ich@maltegoetz.de
- HDvid Codec - %ProfilePath%\extensions\hdvc@hdvc.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\b952fzgu.default
ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11
F7E72D3A281F922BACEC1A71A826D4C2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash
B3BA4E18594082F88D9013CC8C080855 - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleting Files \ Folders ======================
"C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\b952fzgu.default\extensions\hdvc@hdvc.com.xpi" deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
kpkbnefaikfaeadgidhpoanckoiaheli - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{98223153-8B48-4A67-B31E-DBC10729C0F4} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS"
{DABE947E-26C9-48C2-9AD2-3D52CC9922E8} eBay Url="hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\users\Marco\AppData\Local\Mozilla\Firefox\Profiles\b952fzgu.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\users\Marco\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Marco\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
|
|
03.05.2013, 15:53
| #10 |
| /// TB-Ausbilder | Delta Search zu 100% entfernen! Servus, ok, gut gemacht.  Starte bitte OTL.exe und drücke den Quick Scan Button. Poste die OTL.txt hier in deinen Thread. Beantworte mir außerdem diese Fragen: Wie läuft dein Rechner momentan? Gibt es noch Probleme mit Delta-Search? Wenn ja, in welchem Browser? |
|
03.05.2013, 16:05
| #11 |
| | Delta Search zu 100% entfernen! Soll ich jetzt nicht mehr den OTL-FIX ausführen, sondern den Quick Scan? |
|
03.05.2013, 16:06
| #12 | |
| /// TB-Ausbilder | Delta Search zu 100% entfernen!Zitat:
Den Scan bitte nun ausführen. |
|
03.05.2013, 16:16
| #13 |
| | Delta Search zu 100% entfernen! Komme grad nich so mit, erst Fix, dann Quick Scan, jetzt Scan. Was denn nun jetzt? |
|
03.05.2013, 16:18
| #14 | |
| /// TB-Ausbilder | Delta Search zu 100% entfernen!Zitat:
 mach den Quickscan wie gepostet.Ich hab nur "Scan" hervorgehoben, weil ich nicht wollte, dass du den Fix machst.  |
|
03.05.2013, 16:21
| #15 |
| | Delta Search zu 100% entfernen! achso dann Code:
ATTFilter OTL logfile created on: 03.05.2013 17:02:10 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marco\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,95 Gb Total Physical Memory | 6,19 Gb Available Physical Memory | 77,85% Memory free 15,95 Gb Paging File | 14,01 Gb Available in Paging File | 87,84% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 901,66 Gb Total Space | 806,85 Gb Free Space | 89,49% Space Free | Partition Type: NTFS Drive D: | 5,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: VAIO | User Name: Marco | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.01 12:01:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe PRC - [2013.04.22 16:49:55 | 004,288,048 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe PRC - [2013.04.13 10:59:43 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013.03.19 08:12:28 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.10.12 14:02:44 | 000,054,760 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe PRC - [2012.08.18 06:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe PRC - [2012.08.18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe PRC - [2012.08.18 01:04:28 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe PRC - [2012.08.13 17:27:08 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2012.08.07 12:27:16 | 000,078,352 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe PRC - [2012.08.06 19:54:48 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.08.06 19:53:51 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.08.06 19:52:02 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012.08.06 19:43:50 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012.08.06 13:27:08 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe PRC - [2012.07.27 16:08:52 | 000,474,208 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe PRC - [2012.07.27 16:03:40 | 000,724,576 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe ========== Modules (No Company Name) ========== MOD - [2013.04.22 16:49:55 | 004,288,048 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe MOD - [2013.04.13 10:59:43 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.08.06 13:27:08 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe MOD - [2012.06.08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ========== Services (SafeList) ========== SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe /McCoreSvc -- (McOobeSv2) SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2012.11.06 06:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2012.08.20 19:34:18 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012.08.06 13:27:08 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:64bit: - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV - [2013.04.15 17:49:59 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.13 10:59:43 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.02.28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.02.04 16:39:18 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.10.26 10:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent) SRV - [2012.10.12 14:02:44 | 000,054,760 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2012.08.18 06:36:14 | 000,623,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport) SRV - [2012.08.18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service) SRV - [2012.08.13 18:24:56 | 000,211,584 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2012.08.13 17:27:08 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent) SRV - [2012.08.08 11:56:22 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2012.08.08 11:56:18 | 000,460,512 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2012.08.08 11:23:30 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2012.08.08 11:23:30 | 000,078,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2012.08.06 19:54:48 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.08.06 19:53:51 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.08.06 19:52:02 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012.08.06 19:43:50 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012.07.27 16:08:52 | 000,474,208 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2012.07.26 19:05:56 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012.07.19 19:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2012.06.29 13:14:20 | 000,243,728 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124) SRV - [2012.04.20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2011.12.01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2013.03.02 12:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:64bit: - [2013.02.26 15:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013.02.26 15:56:51 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013.02.26 15:56:51 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2012.08.24 17:46:51 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012.08.21 19:07:35 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2012.08.21 19:04:57 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:64bit: - [2012.08.20 19:38:28 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService) DRV:64bit: - [2012.08.20 19:34:37 | 010,280,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.08.20 19:34:37 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.08.20 18:04:39 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr) DRV:64bit: - [2012.08.13 18:05:06 | 000,567,808 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2012.08.13 18:05:04 | 000,427,416 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_vdp.sys -- (BTATH_VDP) DRV:64bit: - [2012.08.13 18:05:04 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2012.08.13 18:05:02 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2012.08.13 18:05:00 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2012.08.13 18:05:00 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt) DRV:64bit: - [2012.08.13 18:05:00 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2012.08.13 18:05:00 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2012.08.13 18:04:58 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2012.08.06 19:48:09 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.07.26 20:05:54 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV:64bit: - [2012.07.26 19:06:29 | 000,339,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum) DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2012.07.11 14:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2012.06.25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV:64bit: - [2012.06.11 04:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\sows.sys -- (SOWS) DRV:64bit: - [2012.06.02 16:31:39 | 000,283,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1y60x64.sys -- (e1yexpress) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKCU\..\SearchScopes\{98223153-8B48-4A67-B31E-DBC10729C0F4}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS IE - HKCU\..\SearchScopes\{DABE947E-26C9-48C2-9AD2-3D52CC9922E8}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 10:59:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.13 10:59:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.26 03:26:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions [2013.05.03 16:43:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\b952fzgu.default\extensions [2013.04.06 20:10:45 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\b952fzgu.default\extensions\ich@maltegoetz.de [2013.04.04 00:17:37 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\b952fzgu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.04.13 10:59:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.13 10:59:43 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: https://www.google.de/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe () O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E56B4C1-2020-4C70-B7DC-13DB4E1669BD}: NameServer = 213.157.0.193 213.157.0.194 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79BDA720-D8DD-4639-B669-9A126DEEA3FB}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{964CD537-089F-4B54-9644-B92070974B18}: DhcpNameServer = 192.168.43.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.01.31 23:20:39 | 000,055,616 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2013.01.31 20:28:14 | 000,000,049 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{8f2761a9-252e-11e2-be69-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8f2761a9-252e-11e2-be69-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2013.01.31 23:20:39 | 000,055,616 | R--- | M] (Electronic Arts) O33 - MountPoints2\{b6d7416e-a2b3-11e2-be85-a41731c8bc70}\Shell - "" = AutoRun O33 - MountPoints2\{b6d7416e-a2b3-11e2-be85-a41731c8bc70}\Shell\AutoRun\command - "" = "E:\Startme.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1 [2013.05.03 16:45:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.05.03 16:43:49 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2013.05.03 16:43:49 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Temp [2013.05.03 16:42:31 | 000,000,000 | ---D | C] -- C:\zoek [2013.05.01 12:01:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2013.05.01 11:55:27 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.05.01 11:55:16 | 000,000,000 | ---D | C] -- C:\JRT [2013.05.01 10:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.01 10:23:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013.04.27 18:39:52 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Avira [2013.04.27 18:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.04.27 18:34:00 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.04.27 18:34:00 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.04.27 18:34:00 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.04.27 18:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.04.27 18:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.04.22 20:15:41 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\LolClient [2013.04.22 19:03:43 | 000,000,000 | ---D | C] -- C:\Riot Games [2013.04.22 16:53:09 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\League of Legends [2013.04.22 16:50:05 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\PMB Files [2013.04.22 16:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2013.04.22 16:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2013.04.22 16:49:09 | 000,000,000 | ---D | C] -- C:\Users\Marco\.swt [2013.04.16 13:37:08 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Origin [2013.04.16 13:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2013.04.16 13:36:46 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Origin [2013.04.16 13:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2013.04.16 13:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2013.04.16 13:28:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2013.04.13 10:59:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.04.11 21:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2013.04.11 21:10:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2013.04.10 14:09:25 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\Sky [2013.04.07 18:57:53 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\Adobe [2013.04.07 14:38:47 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\Praktikum [2013.04.05 23:53:48 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\GTA San Andreas User Files [2013.04.05 23:53:47 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2013.04.05 23:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2013.04.05 23:31:38 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\GTA - San Andreas ========== Files - Modified Within 30 Days ========== [2013.05.03 16:46:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.03 16:46:16 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.03 16:45:08 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.03 16:44:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.05.03 16:44:43 | 2532,749,311 | -HS- | M] () -- C:\hiberfil.sys [2013.05.03 16:39:32 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe [2013.05.03 16:38:16 | 001,269,060 | ---- | M] () -- C:\Users\Marco\Desktop\zoek.exe [2013.05.03 16:23:11 | 699,847,138 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.01 20:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.01 15:29:38 | 000,165,376 | ---- | M] () -- C:\Users\Marco\Desktop\SystemLook_x64.exe [2013.05.01 12:01:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marco\Desktop\OTL.exe [2013.04.27 18:34:09 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.04.23 21:02:47 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.23 21:02:47 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.23 21:02:47 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.23 21:02:47 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.23 21:02:47 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.22 19:08:48 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2013.04.12 17:29:33 | 000,422,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013.05.03 16:43:50 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe [2013.05.03 16:38:15 | 001,269,060 | ---- | C] () -- C:\Users\Marco\Desktop\zoek.exe [2013.05.01 15:29:37 | 000,165,376 | ---- | C] () -- C:\Users\Marco\Desktop\SystemLook_x64.exe [2013.04.27 18:34:09 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.04.22 19:08:48 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2013.04.13 20:03:19 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013.04.12 17:29:20 | 000,422,216 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.03.26 23:39:07 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2013.03.23 23:30:41 | 000,000,060 | ---- | C] () -- C:\Windows\wininit.ini [2012.11.03 00:28:20 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2012.11.02 23:03:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.08.21 23:56:24 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.08.21 23:56:24 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.08.21 23:56:24 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2013.03.28 15:24:13 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.03.23 22:35:04 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\iolo [2013.04.22 20:15:41 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\LolClient [2013.04.16 13:37:12 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Origin [2013.03.28 16:02:33 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\Ubisoft [2013.03.28 18:11:57 | 000,000,000 | ---D | M] -- C:\Users\Marco\AppData\Roaming\WildTangent ========== Purity Check ========== < End of report > (inklusive 64-bit scans und nicht scanne alle benutzer) |
|
| Themen zu Delta Search zu 100% entfernen! |
| 100%, browser, delta, delta search, delta search entfernen, entfern, entferne, entfernen, entfernt, firefox, funktionen, leiste, malware, natürlich, nicht mehr, programme, programme und funktionen, search, sofort, taucht, trojaner, virus, windows, windows 8 |
Textbox.
Linear-Darstellung
