| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Mahnung mit Anhang handyshop.deWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.05.2013, 12:43
| #1 |
 |  Mahnung mit Anhang handyshop.de Hallo, ich wollte kein neuen Thread aufmachen deshalb frage ich hier. Ich habe das gleiche Problemwie Kollege Ak-double1, bloß meine Frau hat die MSDOS.exe Datei die in den Email als Anhang war ausgeführt  .Ich habe Windows 8 64 bit auf den Laptop. Als Virenscanner arbeitet der Bitdefender 2013. Ich habe die gepackte MSDOS Datei auf dem Desktop gespeichert und sofort mein System mit dem Bitdefender gecheckt. Keine Viren gefunden. Danach habe ich noch mir den Malwarebytes und Eset Onlne ein Vollscan gemacht. Bei Malwarebytes war das System sauber, Eset hat nach 6 Std. Scan ein Virus Win32/Trustezeb.C in der gespeicherte MSDOS.exe Datei auf dem Desktop gefunden, sonst alles sauber. Ich habe die verseuchte Datei bei Virustotal.com hochgeladen. Es waren 13 von 48 Treffer mit verschieden Virennamen. Kann es sein das Win 8 die Datei gar nicht ausgeführt hat ??? Kann ich nach dem ganzen Scans jetzt sicher sein das mein System sauber ist  ?Was sagen die Experten. Vielen Dank in Voraus. Gruß janek (edit) wir haben hier aber die Regel, dass jeder Hilfesuchende einen neuen Strang eröffnet. Deswegen wird dein Beitrag in einem eigenen Strang verwandelt. cosinus (/edit) Geändert von cosinus (08.05.2013 um 12:58 Uhr) |
|
08.05.2013, 13:41
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Mahnung mit Anhang handyshop.de Zitat:
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
08.05.2013, 13:57
| #3 |
| | Mahnung mit Anhang handyshop.de Hie der Eset log
__________________Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=176b80706947ca4dba6445b154e3fb9b
# engine=13779
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-08 10:50:58
# local_time=2013-05-08 12:50:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 4042353 27516369 0 0
# scanned=228721
# found=1
# cleaned=0
# scan_time=20514
sh=0A0A2A0D7B209F842F92E6A8AAEBAAFE5BDE9579 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C trojan" ac=I fn="C:\Users\Marko\Desktop\Mahngebühren 07.05.2013 Rechnungsdaten.zip"
https://www.virustotal.com/de/file/e15378cca0354a65a969da9b5858948be0528d954ab97df79024bbbf1b7fb5ae/analysis/ Ich hoffe das mein System sauber ist. Gruß janek |
|
08.05.2013, 14:03
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mahnung mit Anhang handyshop.de Hm, Bitdefender scheint die Datei schon zu erkennen. Fraglich ob dein Bitdefender schon aktuell genug war. Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.05.2013, 15:35
| #5 |
| | Mahnung mit Anhang handyshop.de So, ich habe die datei gestern und heute an virustotat.com hochgeladen. Gestern hat der Bitdefender die nicht erkannt, heute wo ich die Datei nochmal übeprüft habe schlug er Alarm Trojan.GenericKD.978772 Hier die Otl logs: Otl.txt Code:
ATTFilter OTL logfile created on: 08.05.2013 16:21:37 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marko\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,95 Gb Total Physical Memory | 6,05 Gb Available Physical Memory | 76,18% Memory free 9,14 Gb Paging File | 6,06 Gb Available in Paging File | 66,31% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 429,66 Gb Total Space | 235,13 Gb Free Space | 54,73% Space Free | Partition Type: NTFS Computer Name: MARCO | User Name: Marko | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Marko\Desktop\otl.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Users\Marko\AppData\Roaming\Dropbox\bin\dropbox.exe (Dropbox, Inc.) PRC - c:\program files (x86)\google\update\1.3.21.135\googlecrashhandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\vesmgrsub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\ISB Utility\isbmgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe () PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PlayMemories Home\pmbvolumewatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () PRC - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\cnmnsst.exe (CANON INC.) PRC - C:\Program Files (x86)\SlySoft\CloneCD\clonecdtray.exe (SlySoft, Inc.) PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe () ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Programme\Sony\VAIO Care\listener.exe () MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll () ========== Services (SafeList) ========== SRV:64bit: - (mfeicfcoreocp) -- C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe File not found SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender) SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe () SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender) SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Qualcomm Atheros Commnucations) SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe (LogMeIn, Inc.) SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.) SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (NetworkSupport) -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) SRV - (SafeBox) -- C:\Programme\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Bitdefender) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (VMLiteService) -- C:\Programme\VMLite\VMLite Workstation\VMLiteService.exe (VMLite, Inc.) SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (OpenSSHd) -- C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (avc3) -- C:\Windows\SysNative\Drivers\avc3.sys (BitDefender) DRV:64bit: - (avckf) -- C:\Windows\SysNative\Drivers\avckf.sys (BitDefender) DRV:64bit: - (gzflt) -- C:\Windows\SysNative\Drivers\gzflt.sys (BitDefender LLC) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\Drivers\bdsandbox.sys (BitDefender SRL) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (TVICHW32) -- C:\Windows\SysNative\Drivers\TVicHW32.sys (EnTech Taiwan) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_VDP) -- C:\Windows\SysNative\Drivers\btath_vdp.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros) DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.) DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\Drivers\LMIRfsDriver.sys (LogMeIn, Inc.) DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\Drivers\lmimirr.sys (LogMeIn, Inc.) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (avchv) -- C:\Windows\SysNative\Drivers\avchv.sys (BitDefender) DRV:64bit: - (trufos) -- C:\Windows\SysNative\Drivers\trufos.sys (BitDefender S.R.L.) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\Drivers\WSDScan.sys (Microsoft Corporation) DRV:64bit: - (BDVEDISK) -- C:\Windows\SysNative\Drivers\bdvedisk.sys (BitDefender) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\Drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek ) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\Drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (bdelam) -- C:\Windows\SysNative\Drivers\bdelam.sys (Bitdefender) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys (CyberLink) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\Drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\Drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\Drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\Drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\Drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (SOWS) -- C:\Windows\SysNative\Drivers\sows.sys (Sony Corporation) DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\Drivers\e1y60x64.sys (Intel Corporation) DRV:64bit: - (BazisVirtualCDBus) -- C:\Windows\SysNative\Drivers\BazisVirtualCDBus.sys (SysProgs.org) DRV:64bit: - (VMLiteUSBMon) -- C:\Windows\SysNative\Drivers\vmliteusbmon.sys (VMLite, Inc.) DRV:64bit: - (vmlitestor) -- C:\Windows\SysNative\Drivers\vmlitestor.sys (VMLite, Inc.) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys (VMLite, Inc.) DRV:64bit: - (vmlitedrv) -- C:\Windows\SysNative\Drivers\vmlitedrv.sys (VMLite, Inc.) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\Drivers\ElbyCDFL.sys (SlySoft, Inc.) DRV - (BdfNdisf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC) DRV - (TVICHW32) -- C:\Windows\SysWOW64\drivers\TVicHW32.sys (EnTech Taiwan) DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys (LogMeIn, Inc.) DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC) DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu [binary data] IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.diesiedleronline.de/de/startseite IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes,DefaultScope = {AE2FE55A-7608-47C7-B864-2B8F719BA3B1} IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{50EFAEF8-9B78-4A78-8B95-D180254CEC32}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms} IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{AE2FE55A-7608-47C7-B864-2B8F719BA3B1}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.mydealz.de/" FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3 FF - prefs.js..extensions.enabledAddons: crossriderapp16150%40crossrider.com:0.91.39 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..network.proxy.autoconfig_url: "https://secure.premiumize.me/aebe55ce14110e7eaa033cfa2e2f22e3/proxy.pac" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.01.07 21:52:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 19:33:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.07 21:34:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.01.07 21:52:36 | 000,000,000 | ---D | M] [2013.02.09 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions [2013.02.09 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2013.05.07 20:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions [2013.05.07 20:39:50 | 000,000,000 | ---D | M] ("DKB-Cashback") -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions\crossriderapp16150@crossrider.com [2013.01.07 22:03:33 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions\foxmarks@kei.com [2013.05.07 20:39:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions\crossriderapp16150@crossrider.com\chrome\content\extensionCode [2013.05.01 19:52:16 | 000,242,286 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2013.02.14 19:45:55 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.01.07 21:29:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.12 19:33:49 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.11.29 11:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.29 11:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.11.29 11:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.11.29 11:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.11.29 11:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.11.29 11:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://sony13.msn.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.6 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: Google Drive = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: DKB-Cashback = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\crossrider CHR - Extension: DKB-Cashback = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\ CHR - Extension: Google Mail = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (DKB-Cashback) - {11111111-1111-1111-1111-110111611150} - C:\Program Files (x86)\DKB-Cashback\DKB-Cashback.dll (dkbbrowserextension) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-2775004557-157767295-234458685-1001..\Run: [BrowserChoice] C:\Windows\BrowserChoice\browserchoice.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2775004557-157767295-234458685-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-2775004557-157767295-234458685-1001..\Run: [icq] C:\Users\Marko\AppData\Roaming\ICQM\icq.exe (ICQ) O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marko\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1894D1E-4985-41E1-A93F-16481E55A7A1}: NameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.08 16:19:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe [2013.05.08 07:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2013.05.07 19:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.05.07 19:33:00 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\mbar [2013.05.07 15:17:36 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\DKB-Cashback [2013.05.07 15:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DKB-Cashback [2013.05.06 18:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON [2013.05.04 13:42:10 | 000,000,000 | ---D | C] -- C:\Users\Marko\Documents\My Recorded Scripts [2013.05.04 13:42:08 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Nemex [2013.05.04 13:42:06 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Mouse Recorder Pro [2013.05.04 13:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nemex [2013.05.04 13:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Recorder Pro 2 [2013.05.03 16:26:43 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Google [2013.05.03 16:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2013.05.03 16:20:31 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Ashampoo [2013.05.03 16:15:34 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\ashampoo [2013.05.03 16:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [2013.05.03 16:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo [2013.05.03 16:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo [2013.05.03 16:14:35 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Programs [2013.05.03 15:19:04 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Neuer Ordner [2013.05.01 11:01:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.01 11:00:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.05.01 11:00:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.05.01 11:00:50 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.04.29 18:01:36 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys [2013.04.29 18:01:32 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys [2013.04.23 15:56:56 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\tomi [2013.04.20 11:04:10 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Medion [2013.04.13 10:32:42 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll [2013.04.13 10:32:27 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.04.13 10:32:23 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll [2013.04.13 10:32:20 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll [2013.04.13 10:32:13 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll [2013.04.13 10:32:11 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.04.13 10:32:11 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll [2013.04.13 10:32:09 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll [2013.04.13 10:32:09 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys [2013.04.13 10:32:08 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2013.04.13 10:32:08 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BCP47Langs.dll [2013.04.13 10:32:07 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll [2013.04.13 10:32:06 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll [2013.04.13 10:32:06 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll [2013.04.13 10:32:05 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2013.04.13 10:32:05 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll [2013.04.13 10:32:05 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\BCP47Langs.dll [2013.04.13 10:32:04 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll [2013.04.13 10:32:03 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.04.13 10:32:01 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.04.13 10:32:01 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll [2013.04.13 10:32:01 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TimeBrokerServer.dll [2013.04.13 10:32:00 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.04.13 10:32:00 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2013.04.13 10:31:58 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll [2013.04.13 10:31:58 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll [2013.04.13 10:31:58 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll [2013.04.13 10:31:58 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll [2013.04.13 10:31:57 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll [2013.04.13 10:31:57 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll [2013.04.13 10:31:56 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.04.13 10:31:56 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2013.04.13 10:31:56 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll [2013.04.13 10:31:55 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll [2013.04.13 10:31:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll [2013.04.13 10:31:52 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll [2013.04.13 10:31:52 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\discan.dll [2013.04.13 10:31:52 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013.04.13 10:31:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2013.04.13 10:31:51 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys [2013.04.13 10:31:50 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2013.04.13 10:31:50 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS [2013.04.13 10:31:50 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2013.04.13 10:31:49 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys [2013.04.13 10:31:49 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NdisImPlatform.dll [2013.04.13 10:31:48 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll [2013.04.13 10:31:48 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe [2013.04.13 10:31:48 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl [2013.04.13 10:31:48 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys [2013.04.13 10:31:48 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl [2013.04.13 10:31:48 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys [2013.04.13 10:31:48 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storahci.sys [2013.04.13 10:31:48 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhostex.exe [2013.04.13 10:31:48 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDPrintProxy.DLL [2013.04.13 10:31:48 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys [2013.04.13 10:31:47 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll [2013.04.13 10:31:46 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2013.04.13 10:31:46 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncInfo.dll [2013.04.13 10:31:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll [2013.04.13 10:31:44 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.04.13 10:31:44 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll [2013.04.13 10:31:44 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2013.04.13 10:31:44 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2013.04.13 10:31:43 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2013.04.13 10:31:42 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2013.04.13 10:31:42 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll [2013.04.11 10:04:40 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.04.11 10:04:32 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013.04.11 10:04:31 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.04.11 10:04:31 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.04.11 10:04:29 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.04.11 10:04:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.04.11 10:04:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.04.11 10:04:26 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.04.11 10:04:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.04.11 10:04:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.04.11 10:01:06 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.04.11 10:00:34 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll [2013.04.11 10:00:34 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll ========== Files - Modified Within 30 Days ========== [2013.05.08 16:19:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe [2013.05.08 16:14:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.08 16:13:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.08 13:03:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.07 20:07:58 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.07 20:06:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.05.07 20:06:55 | 2532,749,311 | -HS- | M] () -- C:\hiberfil.sys [2013.05.07 20:04:45 | 000,253,404 | -H-- | M] () -- C:\bdr-ld02 [2013.05.07 20:04:45 | 000,009,216 | -H-- | M] () -- C:\bdr-ld02.mbr [2013.05.07 20:04:45 | 000,000,638 | -H-- | M] () -- C:\bdr-cf02 [2013.05.07 19:47:30 | 000,377,856 | ---- | M] () -- C:\Users\Marko\Desktop\gmer_2.1.19163.exe [2013.05.07 17:50:44 | 000,081,989 | ---- | M] () -- C:\Users\Marko\Desktop\Mahngebühren 07.05.2013 Rechnungsdaten.zip [2013.05.06 18:28:45 | 000,001,333 | ---- | M] () -- C:\Users\Public\Desktop\NAVIGON Fresh.lnk [2013.05.06 17:34:00 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.06 17:34:00 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.06 17:34:00 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.06 17:34:00 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.06 17:34:00 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.04 13:42:06 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\Mouse Recorder Pro 2.lnk [2013.05.04 13:42:06 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\Mouse Recorder Play.lnk [2013.05.03 16:26:25 | 000,537,967 | ---- | M] () -- C:\Users\Marko\Desktop\BRuno-Mars.jpg [2013.05.03 16:25:48 | 000,163,373 | ---- | M] () -- C:\Users\Marko\Desktop\Bruno-3-bruno-mars-18630239-1280-720.jpg [2013.05.03 16:15:33 | 000,001,323 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2013.lnk [2013.05.03 16:15:33 | 000,000,214 | ---- | M] () -- C:\Users\Public\Desktop\Your Software Deals.url [2013.05.02 19:55:40 | 000,272,870 | ---- | M] () -- C:\Users\Marko\Desktop\hm.oxps [2013.04.29 18:01:36 | 000,718,840 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys [2013.04.29 18:01:33 | 000,593,144 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys [2013.04.28 16:34:10 | 000,001,011 | ---- | M] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.28 16:33:55 | 000,000,979 | ---- | M] () -- C:\Users\Marko\Desktop\Dropbox.lnk [2013.04.24 15:21:26 | 000,427,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.17 16:41:29 | 000,000,450 | ---- | M] () -- C:\Windows\ESIDATA.ini [2013.04.12 17:39:26 | 009,892,886 | ---- | M] () -- C:\Users\Marko\Documents\Laziska-rysunek-planu-XXXVI_238_10-Model.jpg [2013.04.12 17:19:12 | 038,516,263 | -H-- | M] () -- C:\bdr-im02.gz [2013.04.09 15:35:57 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Spar- Erklärung 2013.lnk ========== Files Created - No Company Name ========== [2013.05.08 07:22:54 | 000,081,989 | ---- | C] () -- C:\Users\Marko\Desktop\Mahngebühren 07.05.2013 Rechnungsdaten.zip [2013.05.07 19:47:29 | 000,377,856 | ---- | C] () -- C:\Users\Marko\Desktop\gmer_2.1.19163.exe [2013.05.06 18:28:45 | 000,001,333 | ---- | C] () -- C:\Users\Public\Desktop\NAVIGON Fresh.lnk [2013.05.04 13:42:06 | 000,001,247 | ---- | C] () -- C:\Users\Public\Desktop\Mouse Recorder Pro 2.lnk [2013.05.04 13:42:06 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\Mouse Recorder Play.lnk [2013.05.03 16:26:24 | 000,537,967 | ---- | C] () -- C:\Users\Marko\Desktop\BRuno-Mars.jpg [2013.05.03 16:25:46 | 000,163,373 | ---- | C] () -- C:\Users\Marko\Desktop\Bruno-3-bruno-mars-18630239-1280-720.jpg [2013.05.03 16:15:35 | 000,001,861 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk [2013.05.03 16:15:33 | 000,001,323 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2013.lnk [2013.05.03 16:15:33 | 000,000,214 | ---- | C] () -- C:\Users\Public\Desktop\Your Software Deals.url [2013.05.02 19:55:38 | 000,272,870 | ---- | C] () -- C:\Users\Marko\Desktop\hm.oxps [2013.04.24 15:21:05 | 000,427,672 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.13 10:31:41 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013.04.12 17:39:25 | 009,892,886 | ---- | C] () -- C:\Users\Marko\Documents\Laziska-rysunek-planu-XXXVI_238_10-Model.jpg [2013.02.10 13:03:37 | 000,001,845 | ---- | C] () -- C:\Windows\RBSystem.ini [2013.02.10 13:00:20 | 000,487,424 | ---- | C] () -- C:\Windows\esi_kl02.dat [2013.02.10 13:00:11 | 000,655,360 | ---- | C] () -- C:\Windows\SysWow64\dslang32.dll [2013.02.10 13:00:11 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\ldf251.dll [2013.02.10 12:57:31 | 000,000,450 | ---- | C] () -- C:\Windows\ESIDATA.ini [2013.01.17 20:07:07 | 000,010,495 | ---- | C] () -- C:\Users\Marko\Giemza_elster_2048.pfx [2013.01.16 19:27:39 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2013.01.07 22:28:20 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2013.01.07 21:53:41 | 000,833,203 | ---- | C] () -- C:\ProgramData\1357587953.bdinstall.bin [2013.01.07 19:36:11 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2013.01.07 18:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.08.21 12:02:51 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.08.21 12:02:51 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.08.21 12:02:50 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:EFC37D883532D176 < End of report > und Extras.txt Code:
ATTFilter OTL Extras logfile created on: 08.05.2013 16:21:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marko\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,95 Gb Total Physical Memory | 6,05 Gb Available Physical Memory | 76,18% Memory free
9,14 Gb Paging File | 6,06 Gb Available in Paging File | 66,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 429,66 Gb Total Space | 235,13 Gb Free Space | 54,73% Space Free | Partition Type: NTFS
Computer Name: MARCO | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2B67A012-530F-487F-8744-C85905817542}" = rport=139 | protocol=6 | dir=out | app=system |
"{446D36E8-CE1B-4AE2-B189-11315C3B9F4B}" = lport=137 | protocol=17 | dir=in | app=system |
"{5F88CE16-0456-454E-88FA-C33FB6EEBA45}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8157D7CE-C3BE-494A-9CBC-191602F020C0}" = lport=138 | protocol=17 | dir=in | app=system |
"{87357BE7-DFB5-497C-830D-88BF6DC2CC4F}" = rport=138 | protocol=17 | dir=out | app=system |
"{A39C0676-B7EB-4162-B340-AC76A81E2B88}" = lport=139 | protocol=6 | dir=in | app=system |
"{B9996B19-5F3E-4B9A-B5AC-1D2BD09F356F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BCF80F47-52D9-4241-BD54-988962F7AD33}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DDA10B1A-A66F-4447-B8FF-6CE20F5C78C3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E079E5F6-AA2C-4A2F-BB5E-9826388EB22C}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9926664-36AC-4D06-98E3-3291D41A94E0}" = rport=445 | protocol=6 | dir=out | app=system |
"{FC766ABB-93DC-4100-B523-100EDF362CE5}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00ECA4DC-00B8-496A-BF32-C9C08E612A31}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{09F6DFE9-C7EA-423E-AF26-352C0487AD27}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0CA370D9-B9BC-467E-A63D-45204175A0B9}" = dir=out | name=vaio message center |
"{0E5736F9-AE6B-43AA-AC55-F6157D8B890B}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{0EAB9AF2-21B2-4172-9159-CCA15E1D9BEC}" = dir=out | name=skype |
"{13428441-3A61-4C01-904B-E1CEDC12178A}" = dir=in | app=c:\program files (x86)\easeus\todo backup\bin\agent.exe |
"{1406A805-76F1-4E42-B731-7370515E39C5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{15FC0E39-0946-4084-BDF1-CBB3653CDB39}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{189F9733-3B07-4D60-9BFF-18DB27864FAF}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{1E0A688D-CF0A-489D-B3E2-F03A3F96AC92}" = dir=out | name=taptiles |
"{2033F014-E55B-42A3-9AB2-289E02BE2012}" = protocol=6 | dir=in | app=c:\users\marko\appdata\roaming\icqm\icq.exe |
"{2197E56C-6CA9-4578-9FC1-281C1783AF03}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{23980FDF-89CA-4EE8-9FE0-2EE2C947962A}" = dir=out | name=wordament |
"{2E348A73-80EC-4A4D-8515-AAED420F07BE}" = dir=out | name=microsoft solitaire collection |
"{33FD9A5F-A647-4E92-9A80-479EF503AA89}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{398AF777-A5EE-4EB7-9C87-82BF703E6AB0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3FE957CC-D8F7-45A3-A166-D624D43AC03E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{497D0586-BA95-4882-AE19-639CEC842644}" = dir=out | name=vaio care |
"{4EEE9642-A5DA-446C-AFE2-FFCB121B063B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{55559C1B-65CB-4C62-B251-7F3819003ABD}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{580937EA-59F4-4794-BF05-5C766D1F1EB4}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{5CDCDA88-7853-441F-A227-C3BAC69EFFCA}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{635FBCC7-72FA-44EF-B82D-83AB93263D91}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{635FF58A-238B-4E2F-B3D9-2DC674B90677}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{636A93AF-AEFA-41D8-A7FB-2C5E9D7FE33B}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{63FD2FC4-2B70-483E-9D95-08F4C45BD3B9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{64C258E5-4936-4745-A843-570AA640F399}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{67EEB5FB-6347-47F7-906A-CB0EB9B8C1A7}" = protocol=17 | dir=in | app=c:\users\marko\appdata\roaming\dropbox\bin\dropbox.exe |
"{68852BB5-9329-445B-B29F-13260CEB75CA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6A53B637-B1E1-437D-8409-AA36DC036853}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6D681D40-3D23-441D-A9DE-C943D642989D}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{7031F3CD-F1E9-4CEF-AC9E-A3C6CF9194BD}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{731CA0C7-5ACB-4096-884F-2D355C1E949B}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{7525D5AE-C1CA-4CF1-BED1-9CEE16C462C6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{754EBAEF-A201-4AD5-9CFB-DCFB049F119A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7A0A2EFB-EDBC-49F0-B65D-2F03B90D8C1D}" = protocol=6 | dir=in | app=c:\users\marko\appdata\roaming\dropbox\bin\dropbox.exe |
"{7AE3E803-61A6-4C55-8721-CDC282158265}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8123139D-77F8-40D0-8AEE-A4B1B604A852}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{8252E45A-4D8D-4348-8C77-B83BB41644D3}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{835A9235-9566-4304-954E-CD884EC88CF6}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{83E2E907-9395-4D63-AB8A-DD00CE11D333}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{868496DD-F98E-4763-8EBD-6619907BFE0E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{89F8DFA5-5501-4837-83A1-6C7C64F7987D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{968A5FEC-4812-473D-A0FB-DEE91DDD8160}" = dir=out | name=- games app - |
"{9CDD23A8-8C81-489A-8748-BA8B09EA5536}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A4BD47E3-2029-471B-97F7-17875FAE8F19}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{ACA690C8-511B-47D5-A499-C14F020A52C7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B9F4A035-76DF-4DDF-A47F-764A7296D122}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{BA165C4B-DB1A-449A-8FF1-A86BC1DEED55}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{BB3CB4C7-AC77-4705-8BA3-D4C08E5B5982}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{BB5E580F-B2C7-4205-A7D7-D717B47876DA}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{BC58297B-EE50-4AC4-926C-BBCAB42EBEF4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C4A2094D-9DCE-4B26-BF05-9CF7BBC0A4FF}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{CBD5088B-5DFA-4372-82DE-A916A18E3423}" = dir=in | name=ebay |
"{CC970FF0-9E7A-49F1-B473-8C836A2AE484}" = protocol=17 | dir=in | app=c:\users\marko\appdata\roaming\icqm\icq.exe |
"{D37AF21B-48FB-42C8-A82B-B6B371D299B2}" = dir=out | name=ebay |
"{D7D6B0BA-36E9-4CD6-9D4D-49D94E86B57F}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{D98C671B-3B4F-4494-8E92-8AECEEA9DA20}" = dir=in | name=vaio care |
"{DD77E645-8EC6-4903-826C-5C6FAD8EF8A4}" = dir=in | name=skype |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{FC361129-1BFB-4267-89D2-6B93564A5CE2}" = dir=out | name=microsoft minesweeper |
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 |
"{FE1AFA4C-AE2E-46F5-BA5C-3EE82717FABB}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{197F2BEF-2705-406E-8CEB-8E404FFFE414}" = VMLite Workstation
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{563F8449-4B3A-97E2-7A81-4F759B839A24}" = ccc-utility64
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9042C334-9881-4603-B1BC-7E623514A495}" = MKV2AC3 - 1.03.04
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AF091FA7-20BF-49D4-4C98-4E4AD04D6FB3}" = AMD Catalyst Install Manager
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}" = VAIO Care
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Bitdefender" = Bitdefender Total Security 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{213A3194-8823-AF6B-C337-7F30BFDF6E24}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316417DF-A8D7-7205-62E1-936888623793}" = CCC Help Finnish
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F2023E0-E239-2949-FE8F-109AE94F6FEE}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D189642-1AEE-FF5C-C22B-C475E8F5277E}" = CCC Help Czech
"{51A80EB0-B405-11E1-9C1E-005056C00008}" = SCS Shortcut
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59CBE755-0DB7-6D38-7844-D3F64C02C276}" = CCC Help French
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{628B0EA5-5DDA-8B14-564C-4118AD6BB510}" = CCC Help Chinese Standard
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6422F3DE-C1B3-D119-CD48-2C5DC279848F}" = CCC Help Norwegian
"{6466EF6E-700E-470F-94CB-D0050302C84E}" = Remote Keyboard
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6E9E809C-11A1-8200-EC5C-11F6BF9AF20A}" = CCC Help German
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7F6E0234-231C-49C5-AB31-6BAB49E3C3A4}" = Catalyst Control Center - Branding
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1" = Mouse Recorder Pro 2.0.7.4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)soft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.6
"{9520BD31-226A-4D5D-B900-6C0CDBA75BF0}_is1" = Onlinesupport 5.0.8232 QS
"{97104137-F5C1-2942-D133-7C2270A86522}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC49216-ACA9-20FA-E3B9-0086E068A54E}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A5FBFE07-B781-EFFB-35DF-257FF747FA31}" = CCC Help Russian
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AD987AA5-9763-8B69-8DB3-7F89C4FE1E8A}" = CCC Help Hungarian
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B27588E3-A374-CC37-B0C1-3CB424620019}" = CCC Help Turkish
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B8D91D32-0820-4D76-8D95-2EB69392BA08}" = CCC Help Portuguese
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C37139BF-04DB-DF3C-19A4-99A5516C1507}" = CCC Help Chinese Traditional
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{CA17221C-586B-89E0-66CB-DA5C050BFB22}" = Catalyst Control Center Localization All
"{CD650B6A-FE79-40E0-A069-299CF6575E6B}" = XperiaLinkx86
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D8B63B13-8508-596F-8160-ACEA2FA39FA5}" = Catalyst Control Center Graphics Previews Common
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{D96F904B-1145-83E2-09B3-12153541EAF7}" = CCC Help Dutch
"{E5D82C0C-4AD7-5CC5-942C-72B749EFEE0D}" = CCC Help Korean
"{E64E9130-B2DD-3124-07BD-B767D51FDB8A}" = CCC Help Thai
"{E8597443-184D-4531-EEAE-211698F90205}" = CCC Help Danish
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EF0ACDFD-39CB-396F-1F23-EC861885DA29}" = CCC Help Polish
"{EFFEE375-EC29-15A3-5DB0-41658D9BB10C}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D2A254-F2AE-EDE4-3CD2-AD8BDCC0B255}" = CCC Help Swedish
"{F7F163E1-4BF4-E56B-E400-B97D362E17CC}" = Catalyst Control Center
"{FA653F5B-483A-4E92-BF75-BB3BBF1D550D}" = LogMeIn
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FC520B48-BFFC-A91F-64D5-213EFD759783}" = CCC Help Greek
"0630-0716-3135-7887" = JDownloader 2
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AviSynth" = AviSynth 2.5
"Bosch Viewer" = Bosch Viewer
"Canon MG5300 series Benutzerregistrierung" = Canon MG5300 series Benutzerregistrierung
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CloneCD" = CloneCD
"DAEMON Tools Lite" = DAEMON Tools Lite
"DKB-Cashback" = DKB-Cashback
"dreamboxEDIT" = dreamboxEDIT -- The one and only settings editor for your Dreambox
"ESET Online Scanner" = ESET Online Scanner v3
"ESI[tronic]" = ESI[tronic]
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Intel AppUp(SM) center 38645" = Intel AppUp(SM) center
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"OpenSSH" = OpenSSH for Windows (remove only)
"Opera 12.15.1748" = Opera 12.15
"PROPLUS" = Microsoft Office Professional Plus 2007
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WTA-29194baf-f808-40ae-85e9-d2a0b0a671ce" = Heroes of Hellas 3: Athens
"WTA-3d6d0e0d-e6f5-4a20-bd8f-ff96237cd21d" = Aloha TriPeaks
"WTA-4305f2ba-da0c-4af1-9a51-5120603176a0" = Bejeweled 3
"WTA-4b7ff52f-35ca-4171-afeb-b3693a5fe53a" = Build-a-lot: On Vacation
"WTA-4d5621fd-3efc-4e71-87f6-146b24886ccb" = Plants vs. Zombies - Game of the Year
"WTA-5ae0529a-0a0a-4ff6-a9c1-6829d451afbb" = Chronicles of Albian
"WTA-745daa78-3d4d-4fd9-9341-89ad31f7f4f8" = FATE
"WTA-7dca1ce8-30cc-4ea0-91ac-0006f5790c23" = Chuzzle Deluxe
"WTA-8b05834c-d76c-4616-aae4-6ee815dd71b1" = Mystery P.I. - The London Caper
"WTA-a15f03f9-59d7-4b8e-a452-a30a6a21eac5" = Agatha Christie - Death on the Nile
"WTA-ad029ab8-73a6-4eaf-91b3-57cab26d54ce" = Cradle Of Egypt Collector's Edition
"WTA-bb11e983-9950-4822-8b16-0d06caf9721f" = Mystery of Mortlake Mansion
"WTA-cd7e4db8-39e4-486a-be09-9802da3e4436" = Luxor HD
"WTA-e142876c-4f8e-4ade-a250-8a3d89d0b950" = Mahjongg Artifacts
"WTA-f4bbbd58-2f45-4805-a267-d87e17c613b8" = Polar Bowler
"WTA-f96b33fa-0683-47e2-9476-9d6767b357c4" = Virtual Villagers 4 - The Tree of Life
"Your Software Deals_is1" = Your Software Deals
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"ICQ" = ICQ 8.0 (build 5981, für aktuellen Benutzer)
"XBMC" = XBMC
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.04.2013 06:22:00 | Computer Name = Marco | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_169.exe,
Version: 11.7.700.169, Zeitstempel: 0x5155fb9a Name des fehlerhaften Moduls: unknown,
Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset:
0x752b2366 ID des fehlerhaften Prozesses: 0x90c4 Startzeit der fehlerhaften Anwendung:
0x01ce38f9e50b6e74 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 23d78cd1-a4ed-11e2-be82-a41731cdefea
Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 14.04.2013 06:22:37 | Computer Name = Marco | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_169.exe,
Version: 11.7.700.169, Zeitstempel: 0x5155fb9a Name des fehlerhaften Moduls: unknown,
Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc00001a5 Fehleroffset:
0x011449b0 ID des fehlerhaften Prozesses: 0x9240 Startzeit der fehlerhaften Anwendung:
0x01ce38f9fc6078ea Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 3a55c1dd-a4ed-11e2-be82-a41731cdefea
Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 14.04.2013 06:22:39 | Computer Name = Marco | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_169.exe,
Version: 11.7.700.169, Zeitstempel: 0x5155fb9a Name des fehlerhaften Moduls: unknown,
Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset:
0x752b2366 ID des fehlerhaften Prozesses: 0x9240 Startzeit der fehlerhaften Anwendung:
0x01ce38f9fc6078ea Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 3b5f4892-a4ed-11e2-be82-a41731cdefea
Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 14.04.2013 10:07:04 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm XBMC.exe, Version 11.9.1.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 36f4 Startzeit:
01ce3918bf99b511 Endzeit: 6192 Anwendungspfad: C:\Program Files (x86)\XBMC\XBMC.exe
Berichts-ID:
8d4a98d4-a50c-11e2-be82-a41731cdefea Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 14.04.2013 10:14:20 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm XBMC.exe, Version 11.9.1.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 77c8 Startzeit:
01ce39198f1b46f9 Endzeit: 1028 Anwendungspfad: C:\Program Files (x86)\XBMC\XBMC.exe
Berichts-ID:
95ab0ffe-a50d-11e2-be82-a41731cdefea Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 14.04.2013 10:34:44 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm XBMC.exe, Version 11.9.1.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 9024 Startzeit:
01ce391c3ff99197 Endzeit: 1045 Anwendungspfad: C:\Program Files (x86)\XBMC\XBMC.exe
Berichts-ID:
6f22bdba-a510-11e2-be82-a41731cdefea Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 14.04.2013 11:56:59 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm XBMC.exe, Version 12.1.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 83b4 Startzeit:
01ce39284c3e9207 Endzeit: 1054 Anwendungspfad: C:\Program Files (x86)\XBMC\XBMC.exe
Berichts-ID:
ec638aac-a51b-11e2-be82-a41731cdefea Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 16.04.2013 13:10:08 | Computer Name = Marco | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 10.0.9200.16519 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 8024 Startzeit: 01ce3abce65fae39 Endzeit: 244 Anwendungspfad:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Berichts-ID: 7863a006-a6b8-11e2-be82-a41731cdefea
Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 17.04.2013 10:38:20 | Computer Name = Marco | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: cygrunsrv.exe, Version: 0.0.0.0,
Zeitstempel: 0x40826252 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16420,
Zeitstempel: 0x505aaa82 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004f651 ID des fehlerhaften
Prozesses: 0x5bc Startzeit der fehlerhaften Anwendung: 0x01ce3b7920ebd67c Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe Pfad des
fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 72840982-a76c-11e2-be83-a41731cdefea
Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 23.04.2013 13:08:48 | Computer Name = Marco | Source = SampleCollector | ID = 131331
Description = CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht
auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
[ System Events ]
Error - 30.04.2013 14:31:15 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:32:47 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:34:19 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:35:50 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:37:22 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:38:54 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:40:26 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:41:57 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:43:29 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 30.04.2013 14:45:01 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
< End of report >
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.05.08.02
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
Marko :: MARCO [administrator]
08.05.2013 13:22:41
mbar-log-2013-05-08 (13-22-41).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 7597
Time elapsed: 9 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
09.05.2013, 08:35
| #7 |
| | Mahnung mit Anhang handyshop.de So , bei ausführen von GMER habe ich folgende Meldung bekommen: "C:\Windows\system32\config\system. Der Prozess kann nicht auf die Datei zugreifen, da von einenn anderen Prozess verwendet wird". Dann beim Scan auch 2 Meldungen: Gleich wie der erste bei Datei C:\Windows\system32\ole32.ddl C :\Users\Marco\ntuser.dat ich kann den Log nicht als Code posten , weil er zu groß ist deshalb habe ich Anhang gemacht. |
|
09.05.2013, 16:53
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mahnung mit Anhang handyshop.de aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.05.2013, 19:22
| #9 |
| | Mahnung mit Anhang handyshop.de Habe heute zu sicherheit systemauffrischung bei win 8 gemacht und danach die scans. Hier sind die logs: awsmbr Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-09 19:59:48
-----------------------------
19:59:48.469 OS Version: Windows x64 6.2.9200
19:59:48.469 Number of processors: 4 586 0x3A09
19:59:48.484 ComputerName: MARCO UserName: Marko
19:59:48.516 Initialze error 1
20:01:54.836 AVAST engine defs: 13050900
20:02:06.790 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
20:02:06.806 Disk 0 Vendor: WDC_WD5000BPVT-55HXZT4 01.01A01 Size: 476940MB BusType: 11
20:02:06.806 Disk 0 MBR read successfully
20:02:06.806 Disk 0 MBR scan
20:02:06.868 Disk 0 Windows 7 default MBR code
20:02:06.868 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
20:02:06.868 Disk 0 scanning C:\Windows\system32\drivers
20:02:06.868 Service scanning
20:02:07.406 Modules scanning
20:02:07.406 Disk 0 trace - called modules:
20:02:07.406 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
20:02:07.422 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800952c060]
20:02:07.422 3 CLASSPNP.SYS[fffff8800163cfea] -> nt!IofCallDriver -> \Device\00000038[0xfffffa8007c39060]
20:02:07.437 AVAST engine scan C:\Windows
20:02:07.437 AVAST engine scan C:\Windows\system32
20:02:07.437 AVAST engine scan C:\Windows\system32\drivers
20:02:07.437 AVAST engine scan C:\Users\Marko
20:02:07.453 AVAST engine scan C:\ProgramData
20:02:07.453 Scan finished successfully
20:02:20.697 Disk 0 MBR has been saved successfully to "C:\Users\Marko\Desktop\MBR.dat"
20:02:20.776 The log file has been saved successfully to "C:\Users\Marko\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-09 20:03:27
-----------------------------
20:03:27.318 OS Version: Windows x64 6.2.9200
20:03:27.318 Number of processors: 4 586 0x3A09
20:03:27.318 ComputerName: MARCO UserName: Marko
20:03:27.318 Initialze error 1
20:03:34.975 AVAST engine defs: 13050900
20:03:41.897 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
20:03:41.897 Disk 0 Vendor: WDC_WD5000BPVT-55HXZT4 01.01A01 Size: 476940MB BusType: 11
20:03:41.913 Disk 0 MBR read successfully
20:03:41.913 Disk 0 MBR scan
20:03:41.991 Disk 0 Windows 7 default MBR code
20:03:41.991 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
20:03:41.991 Disk 0 scanning C:\Windows\system32\drivers
20:03:41.991 Service scanning
20:03:42.710 Modules scanning
20:03:42.710 Disk 0 trace - called modules:
20:03:42.710 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
20:03:42.725 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800952c060]
20:03:42.725 3 CLASSPNP.SYS[fffff8800163cfea] -> nt!IofCallDriver -> \Device\00000038[0xfffffa8007c39060]
20:03:42.741 AVAST engine scan C:\
20:03:42.741 Scan finished successfully
20:04:13.719 Disk 0 MBR has been saved successfully to "C:\Users\Marko\Desktop\MBR.dat"
20:04:13.766 The log file has been saved successfully to "C:\Users\Marko\Desktop\aswMBR.txt"
Code:
ATTFilter 20:05:06.0209 5196 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:05:06.0209 5196 UEFI system
20:05:06.0490 5196 ============================================================
20:05:06.0490 5196 Current date / time: 2013/05/09 20:05:06.0490
20:05:06.0490 5196 SystemInfo:
20:05:06.0490 5196
20:05:06.0490 5196 OS Version: 6.2.9200 ServicePack: 0.0
20:05:06.0490 5196 Product type: Workstation
20:05:06.0490 5196 ComputerName: MARCO
20:05:06.0490 5196 UserName: Marko
20:05:06.0490 5196 Windows directory: C:\Windows
20:05:06.0490 5196 System windows directory: C:\Windows
20:05:06.0490 5196 Running under WOW64
20:05:06.0490 5196 Processor architecture: Intel x64
20:05:06.0490 5196 Number of processors: 4
20:05:06.0490 5196 Page size: 0x1000
20:05:06.0490 5196 Boot type: Normal boot
20:05:06.0490 5196 ============================================================
20:05:07.0538 5196 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:05:07.0538 5196 ============================================================
20:05:07.0538 5196 \Device\Harddisk0\DR0:
20:05:07.0554 5196 GPT partitions:
20:05:07.0554 5196 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {066F58F5-DD1A-4823-9A4A-1AE531D50C12}, Name: , StartLBA 0x800, BlocksNum 0x82000
20:05:07.0554 5196 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A0AA4381-2A0B-499E-B43F-B9CAEC93FBF0}, Name: , StartLBA 0x82800, BlocksNum 0x2E1000
20:05:07.0554 5196 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {842F8397-1C6A-423B-8CB5-4E4FF683C4D8}, Name: EFI system partition, StartLBA 0x363800, BlocksNum 0x82000
20:05:07.0554 5196 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E4DE1638-4AD3-4ABE-A1F4-4A0E1DB4EFAD}, Name: Microsoft reserved partition, StartLBA 0x3E5800, BlocksNum 0x40000
20:05:07.0554 5196 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {48DB52CC-5E8C-454C-83F2-B0D2A8BED6A2}, Name: Basic data partition, StartLBA 0x425800, BlocksNum 0x35B52800
20:05:07.0554 5196 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3EB0F755-DF25-4DA6-86F0-A076B5902345}, Name: , StartLBA 0x35F78000, BlocksNum 0x440E000
20:05:07.0554 5196 MBR partitions:
20:05:07.0554 5196 ============================================================
20:05:07.0585 5196 C: <-> \Device\Harddisk0\DR0\Partition5
20:05:07.0585 5196 ============================================================
20:05:07.0585 5196 Initialize success
20:05:07.0585 5196 ============================================================
20:05:13.0109 2992 ============================================================
20:05:13.0109 2992 Scan started
20:05:13.0109 2992 Mode: Manual;
20:05:13.0109 2992 ============================================================
20:05:13.0907 2992 ================ Scan system memory ========================
20:05:13.0907 2992 System memory - ok
20:05:13.0907 2992 ================ Scan services =============================
20:05:14.0597 2992 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
20:05:14.0613 2992 1394ohci - ok
20:05:14.0629 2992 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\Windows\system32\drivers\3ware.sys
20:05:14.0629 2992 3ware - ok
20:05:14.0660 2992 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:05:14.0660 2992 ACPI - ok
20:05:14.0675 2992 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\Windows\system32\Drivers\acpiex.sys
20:05:14.0675 2992 acpiex - ok
20:05:14.0691 2992 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
20:05:14.0754 2992 acpipagr - ok
20:05:14.0785 2992 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
20:05:14.0847 2992 AcpiPmi - ok
20:05:14.0863 2992 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\Windows\System32\drivers\acpitime.sys
20:05:14.0879 2992 acpitime - ok
20:05:14.0910 2992 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:05:14.0925 2992 adp94xx - ok
20:05:14.0925 2992 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:05:14.0941 2992 adpahci - ok
20:05:14.0957 2992 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:05:14.0957 2992 adpu320 - ok
20:05:15.0004 2992 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:05:15.0004 2992 AeLookupSvc - ok
20:05:15.0050 2992 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\Windows\system32\drivers\afd.sys
20:05:15.0050 2992 AFD - ok
20:05:15.0066 2992 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:05:15.0066 2992 agp440 - ok
20:05:15.0097 2992 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\Windows\System32\alg.exe
20:05:15.0113 2992 ALG - ok
20:05:15.0113 2992 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
20:05:15.0129 2992 AllUserInstallAgent - ok
20:05:15.0160 2992 [ 1F500945F87AA517BD2F049256B304DD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:05:15.0160 2992 AMD External Events Utility - ok
20:05:15.0191 2992 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
20:05:15.0207 2992 AmdK8 - ok
20:05:15.0582 2992 [ 2A831A7F9031B5BBA6EF189381D65228 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:05:15.0864 2992 amdkmdag - ok
20:05:15.0895 2992 [ B9ACB2AA40709E060CDC34F13F1C9C8F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:05:15.0910 2992 amdkmdap - ok
20:05:15.0926 2992 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
20:05:15.0926 2992 AmdPPM - ok
20:05:15.0957 2992 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:05:15.0957 2992 amdsata - ok
20:05:15.0973 2992 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:05:16.0004 2992 amdsbs - ok
20:05:16.0020 2992 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:05:16.0020 2992 amdxata - ok
20:05:16.0020 2992 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\Windows\system32\drivers\appid.sys
20:05:16.0051 2992 AppID - ok
20:05:16.0082 2992 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:05:16.0082 2992 AppIDSvc - ok
20:05:16.0082 2992 [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo C:\Windows\System32\appinfo.dll
20:05:16.0082 2992 Appinfo - ok
20:05:16.0098 2992 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\Windows\system32\drivers\arc.sys
20:05:16.0098 2992 arc - ok
20:05:16.0114 2992 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:05:16.0161 2992 arcsas - ok
20:05:16.0192 2992 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:05:16.0192 2992 AsyncMac - ok
20:05:16.0207 2992 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\Windows\system32\drivers\atapi.sys
20:05:16.0207 2992 atapi - ok
20:05:16.0239 2992 [ 4885C14A6AB6969B5773A42DA0BA3DA4 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
20:05:16.0254 2992 AthBTPort - ok
20:05:16.0426 2992 [ 8F60017273DCD46CDCC9A0AD881F7B32 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:05:16.0426 2992 AtherosSvc - ok
20:05:16.0567 2992 [ F17ABC4AA1FE4989E812858261414FE5 ] athr C:\Windows\system32\DRIVERS\athw8x.sys
20:05:16.0739 2992 athr - ok
20:05:16.0786 2992 [ 506907D2E7F3A5B67DBD39C00A788B7C ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW86.sys
20:05:16.0801 2992 AtiHDAudioService - ok
20:05:16.0832 2992 [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:05:16.0832 2992 AudioEndpointBuilder - ok
20:05:16.0895 2992 [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:05:16.0911 2992 Audiosrv - ok
20:05:17.0036 2992 [ AAE1DAE483DD57D0E267FCA42FCB5133 ] avc3 C:\Windows\system32\DRIVERS\avc3.sys
20:05:17.0051 2992 avc3 - ok
20:05:17.0098 2992 [ 3B9549FEF98AB1768A1D6A919F355B70 ] avchv C:\Windows\system32\DRIVERS\avchv.sys
20:05:17.0098 2992 avchv - ok
20:05:17.0129 2992 [ 8183B715BD56561C27BEBB68B1192B7A ] avckf C:\Windows\system32\DRIVERS\avckf.sys
20:05:17.0145 2992 avckf - ok
20:05:17.0176 2992 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:05:17.0192 2992 AxInstSV - ok
20:05:17.0239 2992 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:05:17.0239 2992 b06bdrv - ok
20:05:17.0270 2992 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
20:05:17.0270 2992 BasicDisplay - ok
20:05:17.0270 2992 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
20:05:17.0286 2992 BasicRender - ok
20:05:17.0567 2992 [ EBD3B67D51F58F45FBDA2BDE853322AA ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
20:05:17.0582 2992 BdDesktopParental - ok
20:05:17.0645 2992 [ 1942D00BBAA28F4104EFD7F66453749D ] bdelam C:\Windows\system32\drivers\bdelam.sys
20:05:17.0645 2992 bdelam - ok
20:05:17.0676 2992 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\Windows\System32\bdesvc.dll
20:05:17.0692 2992 BDESVC - ok
20:05:17.0817 2992 [ 33BDE38294A142D068C32B2360B7D1C9 ] BdfNdisf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys
20:05:17.0817 2992 BdfNdisf - ok
20:05:17.0848 2992 [ 641F901CA6B9A90077FA92BE5EC1E789 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
20:05:17.0848 2992 bdfwfpf - ok
20:05:17.0895 2992 [ E311541A584A29C0D91DD73730B1DCBE ] BDSandBox C:\Windows\system32\drivers\bdsandbox.sys
20:05:17.0911 2992 BDSandBox - ok
20:05:17.0989 2992 [ 81BBCB11A9F88B5547EF1326351B7CDE ] BDVEDISK C:\Windows\system32\DRIVERS\bdvedisk.sys
20:05:18.0020 2992 BDVEDISK - ok
20:05:18.0051 2992 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\Windows\system32\drivers\Beep.sys
20:05:18.0051 2992 Beep - ok
20:05:18.0098 2992 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\Windows\System32\bfe.dll
20:05:18.0114 2992 BFE - ok
20:05:18.0223 2992 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\Windows\System32\qmgr.dll
20:05:18.0254 2992 BITS - ok
20:05:18.0270 2992 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:05:18.0270 2992 bowser - ok
20:05:18.0317 2992 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:05:18.0317 2992 BrokerInfrastructure - ok
20:05:18.0364 2992 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\Windows\System32\browser.dll
20:05:18.0364 2992 Browser - ok
20:05:18.0395 2992 [ 942F3F6286056D6BBB5B02ED2B7088BD ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
20:05:18.0411 2992 BTATH_A2DP - ok
20:05:18.0442 2992 [ 43C965027229D9FF6E52E4C71C03B09E ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
20:05:18.0458 2992 btath_avdt - ok
20:05:18.0473 2992 [ 23CEDCD7527A26B222732A158F76EB24 ] BTATH_BUS C:\Windows\System32\drivers\btath_bus.sys
20:05:18.0473 2992 BTATH_BUS - ok
20:05:18.0489 2992 [ 3DD64966A764BCAFF07C9DC064BD410E ] BTATH_HCRP C:\Windows\System32\drivers\btath_hcrp.sys
20:05:18.0489 2992 BTATH_HCRP - ok
20:05:18.0504 2992 [ B68EE0721EAC305AB1C9C989CDF1AEFF ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:05:18.0504 2992 BTATH_LWFLT - ok
20:05:18.0520 2992 [ EC7BB341229E9E6B04349580F55218B2 ] BTATH_RCP C:\Windows\System32\drivers\btath_rcp.sys
20:05:18.0536 2992 BTATH_RCP - ok
20:05:18.0551 2992 [ AABB87C9AE0537A6DCDAC8AE11CC1F5A ] BTATH_VDP C:\Windows\system32\drivers\btath_vdp.sys
20:05:18.0551 2992 BTATH_VDP - ok
20:05:18.0583 2992 [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
20:05:18.0583 2992 BtFilter - ok
20:05:18.0629 2992 [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
20:05:18.0645 2992 BthAvrcpTg - ok
20:05:18.0692 2992 [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
20:05:18.0692 2992 BthEnum - ok
20:05:18.0739 2992 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
20:05:18.0739 2992 BthHFEnum - ok
20:05:18.0754 2992 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
20:05:18.0770 2992 bthhfhid - ok
20:05:18.0786 2992 [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys
20:05:18.0801 2992 BthLEEnum - ok
20:05:18.0817 2992 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
20:05:18.0817 2992 BTHMODEM - ok
20:05:18.0895 2992 [ 091BB978E9504D0AD14586929431A957 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:05:18.0911 2992 BthPan - ok
20:05:18.0989 2992 [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:05:19.0036 2992 BTHPORT - ok
20:05:19.0083 2992 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\Windows\system32\bthserv.dll
20:05:19.0083 2992 bthserv - ok
20:05:19.0114 2992 [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:05:19.0114 2992 BTHUSB - ok
20:05:19.0129 2992 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:05:19.0145 2992 cdfs - ok
20:05:19.0145 2992 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\Windows\System32\drivers\cdrom.sys
20:05:19.0161 2992 cdrom - ok
20:05:19.0176 2992 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\Windows\System32\certprop.dll
20:05:19.0176 2992 CertPropSvc - ok
20:05:19.0192 2992 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\Windows\System32\drivers\circlass.sys
20:05:19.0194 2992 circlass - ok
20:05:19.0194 2992 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\Windows\system32\drivers\CLFS.sys
20:05:19.0210 2992 CLFS - ok
20:05:19.0257 2992 [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
20:05:19.0257 2992 CLVirtualDrive - ok
20:05:19.0288 2992 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
20:05:19.0288 2992 CmBatt - ok
20:05:19.0335 2992 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\Windows\system32\Drivers\cng.sys
20:05:19.0335 2992 CNG - ok
20:05:19.0350 2992 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
20:05:19.0350 2992 CompositeBus - ok
20:05:19.0350 2992 COMSysApp - ok
20:05:19.0350 2992 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\Windows\system32\drivers\condrv.sys
20:05:19.0350 2992 condrv - ok
20:05:19.0382 2992 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:05:19.0397 2992 CryptSvc - ok
20:05:19.0428 2992 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\Windows\system32\drivers\dam.sys
20:05:19.0428 2992 dam - ok
20:05:19.0475 2992 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\Windows\system32\rpcss.dll
20:05:19.0507 2992 DcomLaunch - ok
20:05:19.0553 2992 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\Windows\System32\defragsvc.dll
20:05:19.0569 2992 defragsvc - ok
20:05:19.0616 2992 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
20:05:19.0632 2992 DeviceAssociationService - ok
20:05:19.0647 2992 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
20:05:19.0663 2992 DeviceInstall - ok
20:05:19.0694 2992 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
20:05:19.0694 2992 Dfsc - ok
20:05:19.0741 2992 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:05:19.0741 2992 Dhcp - ok
20:05:19.0741 2992 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\Windows\system32\drivers\discache.sys
20:05:19.0757 2992 discache - ok
20:05:19.0757 2992 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\Windows\system32\drivers\disk.sys
20:05:19.0757 2992 disk - ok
20:05:19.0772 2992 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
20:05:19.0772 2992 dmvsc - ok
20:05:19.0803 2992 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:05:19.0803 2992 Dnscache - ok
20:05:19.0850 2992 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\Windows\System32\dot3svc.dll
20:05:19.0866 2992 dot3svc - ok
20:05:19.0882 2992 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\Windows\system32\dps.dll
20:05:19.0882 2992 DPS - ok
20:05:19.0928 2992 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:05:19.0928 2992 drmkaud - ok
20:05:19.0960 2992 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
20:05:19.0975 2992 DsmSvc - ok
20:05:20.0038 2992 [ ED120AA770A78B5079F8C7BB5AF8A035 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:05:20.0085 2992 DXGKrnl - ok
20:05:20.0132 2992 [ CFE0E3D5EFBF0649E5900CBFCC2B95F7 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
20:05:20.0132 2992 e1yexpress - ok
20:05:20.0147 2992 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\Windows\System32\eapsvc.dll
20:05:20.0163 2992 Eaphost - ok
20:05:20.0272 2992 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:05:20.0366 2992 ebdrv - ok
20:05:20.0397 2992 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\Windows\System32\lsass.exe
20:05:20.0413 2992 EFS - ok
20:05:20.0413 2992 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
20:05:20.0413 2992 EhStorClass - ok
20:05:20.0429 2992 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:05:20.0429 2992 EhStorTcgDrv - ok
20:05:20.0429 2992 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\Windows\System32\drivers\errdev.sys
20:05:20.0444 2992 ErrDev - ok
20:05:20.0475 2992 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\Windows\system32\es.dll
20:05:20.0491 2992 EventSystem - ok
20:05:20.0507 2992 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\Windows\system32\drivers\exfat.sys
20:05:20.0522 2992 exfat - ok
20:05:20.0522 2992 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:05:20.0538 2992 fastfat - ok
20:05:20.0600 2992 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\Windows\system32\fxssvc.exe
20:05:20.0647 2992 Fax - ok
20:05:20.0647 2992 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\Windows\System32\drivers\fdc.sys
20:05:20.0647 2992 fdc - ok
20:05:20.0679 2992 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\Windows\system32\fdPHost.dll
20:05:20.0679 2992 fdPHost - ok
20:05:20.0694 2992 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\Windows\system32\fdrespub.dll
20:05:20.0710 2992 FDResPub - ok
20:05:20.0741 2992 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\Windows\system32\fhsvc.dll
20:05:20.0741 2992 fhsvc - ok
20:05:20.0741 2992 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:05:20.0741 2992 FileInfo - ok
20:05:20.0757 2992 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:05:20.0757 2992 Filetrace - ok
20:05:20.0757 2992 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
20:05:20.0788 2992 flpydisk - ok
20:05:20.0804 2992 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:05:20.0804 2992 FltMgr - ok
20:05:20.0866 2992 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\Windows\system32\FntCache.dll
20:05:20.0897 2992 FontCache - ok
20:05:21.0022 2992 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:05:21.0038 2992 FontCache3.0.0.0 - ok
20:05:21.0038 2992 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:05:21.0038 2992 FsDepends - ok
20:05:21.0054 2992 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:05:21.0054 2992 Fs_Rec - ok
20:05:21.0100 2992 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:05:21.0100 2992 fvevol - ok
20:05:21.0147 2992 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
20:05:21.0147 2992 FxPPM - ok
20:05:21.0164 2992 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:05:21.0180 2992 gagp30kx - ok
20:05:21.0242 2992 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:05:21.0273 2992 GamesAppService - ok
20:05:21.0308 2992 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
20:05:21.0308 2992 gencounter - ok
20:05:21.0339 2992 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
20:05:21.0339 2992 GPIOClx0101 - ok
20:05:21.0417 2992 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\Windows\System32\gpsvc.dll
20:05:21.0448 2992 gpsvc - ok
20:05:21.0511 2992 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate c:\program files (x86)\google\update\googleupdate.exe
20:05:21.0511 2992 gupdate - ok
20:05:21.0526 2992 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem c:\program files (x86)\google\update\googleupdate.exe
20:05:21.0526 2992 gupdatem - ok
20:05:21.0573 2992 [ DB8A82239139348D6666434128D6F5DC ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys
20:05:21.0589 2992 gzflt - ok
20:05:21.0636 2992 [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:05:21.0651 2992 HdAudAddService - ok
20:05:21.0698 2992 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
20:05:21.0698 2992 HDAudBus - ok
20:05:21.0738 2992 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
20:05:21.0738 2992 HidBatt - ok
20:05:21.0748 2992 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth C:\Windows\System32\drivers\hidbth.sys
20:05:21.0748 2992 HidBth - ok
20:05:21.0811 2992 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
20:05:21.0811 2992 hidi2c - ok
20:05:21.0826 2992 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\Windows\System32\drivers\hidir.sys
20:05:21.0826 2992 HidIr - ok
20:05:21.0873 2992 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\Windows\system32\hidserv.dll
20:05:21.0873 2992 hidserv - ok
20:05:21.0889 2992 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
20:05:21.0889 2992 HidUsb - ok
20:05:21.0920 2992 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:05:21.0920 2992 hkmsvc - ok
20:05:21.0967 2992 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:05:21.0967 2992 HomeGroupListener - ok
20:05:22.0045 2992 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:05:22.0045 2992 HomeGroupProvider - ok
20:05:22.0061 2992 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:05:22.0061 2992 HpSAMD - ok
20:05:22.0123 2992 [ 29CB98187BB5711F7759540976D295FC ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:05:22.0139 2992 HTTP - ok
20:05:22.0186 2992 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:05:22.0186 2992 hwpolicy - ok
20:05:22.0186 2992 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
20:05:22.0186 2992 hyperkbd - ok
20:05:22.0202 2992 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
20:05:22.0217 2992 HyperVideo - ok
20:05:22.0217 2992 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
20:05:22.0233 2992 i8042prt - ok
20:05:22.0295 2992 [ F5A9FBAE160BD1837C2F1B85324A6762 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
20:05:22.0295 2992 iaStorA - ok
20:05:22.0311 2992 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:05:22.0327 2992 iaStorV - ok
20:05:22.0436 2992 [ 15C9BF6968A0990D8F4161A6ABEB7229 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:05:22.0452 2992 IconMan_R - ok
20:05:22.0467 2992 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:05:22.0467 2992 iirsp - ok
20:05:22.0498 2992 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\Windows\System32\ikeext.dll
20:05:22.0530 2992 IKEEXT - ok
20:05:22.0656 2992 [ DDC860724AEF8F8E42AC61E6585769C6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:05:22.0796 2992 IntcAzAudAddService - ok
20:05:22.0859 2992 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:05:22.0874 2992 Intel(R) Capability Licensing Service Interface - ok
20:05:22.0968 2992 [ 9656F8E29F6C3161A3E99BCD3A472FF9 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
20:05:22.0968 2992 Intel(R) ME Service - ok
20:05:22.0984 2992 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\Windows\system32\drivers\intelide.sys
20:05:22.0984 2992 intelide - ok
20:05:23.0031 2992 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\Windows\System32\drivers\intelppm.sys
20:05:23.0031 2992 intelppm - ok
20:05:23.0062 2992 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:05:23.0062 2992 IpFilterDriver - ok
20:05:23.0124 2992 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:05:23.0156 2992 iphlpsvc - ok
20:05:23.0171 2992 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
20:05:23.0171 2992 IPMIDRV - ok
20:05:23.0187 2992 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:05:23.0187 2992 IPNAT - ok
20:05:23.0218 2992 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:05:23.0234 2992 IRENUM - ok
20:05:23.0249 2992 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:05:23.0249 2992 isapnp - ok
20:05:23.0281 2992 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
20:05:23.0296 2992 iScsiPrt - ok
20:05:23.0296 2992 [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:05:23.0296 2992 jhi_service - ok
20:05:23.0312 2992 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
20:05:23.0312 2992 kbdclass - ok
20:05:23.0312 2992 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
20:05:23.0327 2992 kbdhid - ok
20:05:23.0343 2992 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
20:05:23.0343 2992 kdnic - ok
20:05:23.0374 2992 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\Windows\system32\lsass.exe
20:05:23.0374 2992 KeyIso - ok
20:05:23.0390 2992 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:05:23.0406 2992 KSecDD - ok
20:05:23.0421 2992 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:05:23.0421 2992 KSecPkg - ok
20:05:23.0453 2992 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:05:23.0453 2992 ksthunk - ok
20:05:23.0499 2992 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:05:23.0499 2992 KtmRm - ok
20:05:23.0578 2992 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\Windows\system32\srvsvc.dll
20:05:23.0578 2992 LanmanServer - ok
20:05:23.0624 2992 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:05:23.0624 2992 LanmanWorkstation - ok
20:05:23.0640 2992 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:05:23.0640 2992 lltdio - ok
20:05:23.0671 2992 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:05:23.0687 2992 lltdsvc - ok
20:05:23.0703 2992 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:05:23.0703 2992 lmhosts - ok
20:05:23.0749 2992 [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:05:23.0749 2992 LMS - ok
20:05:23.0781 2992 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:05:23.0796 2992 LSI_SAS - ok
20:05:23.0796 2992 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:05:23.0796 2992 LSI_SAS2 - ok
20:05:23.0828 2992 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:05:23.0828 2992 LSI_SCSI - ok
20:05:23.0843 2992 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
20:05:23.0843 2992 LSI_SSS - ok
20:05:23.0890 2992 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\Windows\System32\lsm.dll
20:05:23.0890 2992 LSM - ok
20:05:23.0906 2992 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\Windows\system32\drivers\luafv.sys
20:05:23.0906 2992 luafv - ok
20:05:23.0999 2992 [ 2C696ACBBBFFF7D25C1F468087FEB561 ] McOobeSv2 C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
20:05:24.0015 2992 McOobeSv2 - ok
20:05:24.0015 2992 [ 2C696ACBBBFFF7D25C1F468087FEB561 ] mcpltsvc C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
20:05:24.0015 2992 mcpltsvc - ok
20:05:24.0031 2992 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\Windows\system32\drivers\megasas.sys
20:05:24.0031 2992 megasas - ok
20:05:24.0062 2992 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:05:24.0078 2992 MegaSR - ok
20:05:24.0109 2992 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
20:05:24.0124 2992 MEIx64 - ok
20:05:24.0156 2992 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
20:05:24.0171 2992 mfeapfk - ok
20:05:24.0203 2992 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
20:05:24.0218 2992 mfeavfk - ok
20:05:24.0265 2992 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:05:24.0265 2992 mfefire - ok
20:05:24.0328 2992 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
20:05:24.0359 2992 mfefirek - ok
20:05:24.0406 2992 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
20:05:24.0421 2992 mfehidk - ok
20:05:24.0437 2992 mfeicfcoreocp - ok
20:05:24.0468 2992 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
20:05:24.0468 2992 mfevtp - ok
20:05:24.0562 2992 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
20:05:24.0609 2992 mfewfpk - ok
20:05:24.0640 2992 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\Windows\system32\mmcss.dll
20:05:24.0656 2992 MMCSS - ok
20:05:24.0671 2992 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\Windows\system32\drivers\modem.sys
20:05:24.0671 2992 Modem - ok
20:05:24.0734 2992 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\Windows\System32\drivers\monitor.sys
20:05:24.0734 2992 monitor - ok
20:05:24.0749 2992 [ 618446B98C79776654340CE27C73485E ] mouclass C:\Windows\System32\drivers\mouclass.sys
20:05:24.0749 2992 mouclass - ok
20:05:24.0796 2992 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\Windows\System32\drivers\mouhid.sys
20:05:24.0796 2992 mouhid - ok
20:05:24.0828 2992 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:05:24.0828 2992 mountmgr - ok
20:05:24.0890 2992 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
20:05:24.0921 2992 MozillaMaintenance - ok
20:05:24.0968 2992 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:05:24.0968 2992 mpsdrv - ok
20:05:24.0999 2992 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:05:25.0015 2992 MpsSvc - ok
20:05:25.0015 2992 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:05:25.0015 2992 MRxDAV - ok
20:05:25.0046 2992 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:05:25.0062 2992 mrxsmb - ok
20:05:25.0062 2992 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:05:25.0062 2992 mrxsmb10 - ok
20:05:25.0078 2992 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:05:25.0078 2992 mrxsmb20 - ok
20:05:25.0093 2992 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
20:05:25.0109 2992 MsBridge - ok
20:05:25.0124 2992 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\Windows\System32\msdtc.exe
20:05:25.0140 2992 MSDTC - ok
20:05:25.0156 2992 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:05:25.0156 2992 Msfs - ok
20:05:25.0187 2992 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
20:05:25.0187 2992 msgpiowin32 - ok
20:05:25.0203 2992 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:05:25.0203 2992 mshidkmdf - ok
20:05:25.0203 2992 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
20:05:25.0218 2992 mshidumdf - ok
20:05:25.0218 2992 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:05:25.0218 2992 msisadrv - ok
20:05:25.0265 2992 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:05:25.0265 2992 MSiSCSI - ok
20:05:25.0265 2992 msiserver - ok
20:05:25.0281 2992 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:05:25.0281 2992 MSKSSRV - ok
20:05:25.0281 2992 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
20:05:25.0296 2992 MsLldp - ok
20:05:25.0312 2992 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:05:25.0312 2992 MSPCLOCK - ok
20:05:25.0332 2992 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:05:25.0332 2992 MSPQM - ok
20:05:25.0348 2992 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:05:25.0364 2992 MsRPC - ok
20:05:25.0379 2992 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
20:05:25.0379 2992 mssmbios - ok
20:05:25.0395 2992 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:05:25.0395 2992 MSTEE - ok
20:05:25.0395 2992 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
20:05:25.0395 2992 MTConfig - ok
20:05:25.0410 2992 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\Windows\system32\Drivers\mup.sys
20:05:25.0410 2992 Mup - ok
20:05:25.0410 2992 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\Windows\system32\drivers\mvumis.sys
20:05:25.0410 2992 mvumis - ok
20:05:25.0457 2992 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\Windows\system32\qagentRT.dll
20:05:25.0457 2992 napagent - ok
20:05:25.0489 2992 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:05:25.0489 2992 NativeWifiP - ok
20:05:25.0536 2992 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\Windows\System32\ncasvc.dll
20:05:25.0536 2992 NcaSvc - ok
20:05:25.0551 2992 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
20:05:25.0551 2992 NcdAutoSetup - ok
20:05:25.0598 2992 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\Windows\system32\drivers\ndis.sys
20:05:25.0629 2992 NDIS - ok
20:05:25.0645 2992 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:05:25.0645 2992 NdisCap - ok
20:05:25.0645 2992 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:05:25.0660 2992 NdisImPlatform - ok
20:05:25.0723 2992 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:05:25.0723 2992 NdisTapi - ok
20:05:25.0739 2992 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:05:25.0739 2992 Ndisuio - ok
20:05:25.0754 2992 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:05:25.0754 2992 NdisWan - ok
20:05:25.0754 2992 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
20:05:25.0770 2992 NDISWANLEGACY - ok
20:05:25.0801 2992 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:05:25.0801 2992 NDProxy - ok
20:05:25.0801 2992 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\Windows\system32\drivers\Ndu.sys
20:05:25.0801 2992 Ndu - ok
20:05:25.0817 2992 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:05:25.0832 2992 NetBIOS - ok
20:05:25.0832 2992 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:05:25.0879 2992 NetBT - ok
20:05:25.0895 2992 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\Windows\system32\lsass.exe
20:05:25.0895 2992 Netlogon - ok
20:05:25.0942 2992 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\Windows\System32\netman.dll
20:05:25.0942 2992 Netman - ok
20:05:25.0989 2992 [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm C:\Windows\System32\netprofmsvc.dll
20:05:26.0004 2992 netprofm - ok
20:05:26.0161 2992 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:05:26.0207 2992 NetTcpPortSharing - ok
20:05:26.0395 2992 [ 3E867077C0CF367FF8FCAEC64947393E ] NetworkSupport C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
20:05:26.0473 2992 NetworkSupport - ok
20:05:26.0504 2992 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:05:26.0520 2992 nfrd960 - ok
20:05:26.0551 2992 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:05:26.0567 2992 NlaSvc - ok
20:05:26.0567 2992 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:05:26.0567 2992 Npfs - ok
20:05:26.0582 2992 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
20:05:26.0598 2992 npsvctrig - ok
20:05:26.0629 2992 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\Windows\system32\nsisvc.dll
20:05:26.0629 2992 nsi - ok
20:05:26.0629 2992 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:05:26.0645 2992 nsiproxy - ok
20:05:26.0723 2992 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:05:26.0770 2992 Ntfs - ok
20:05:26.0770 2992 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\Windows\system32\drivers\Null.sys
20:05:26.0770 2992 Null - ok
20:05:27.0036 2992 [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:05:27.0411 2992 nvlddmkm - ok
20:05:27.0411 2992 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:05:27.0426 2992 nvraid - ok
20:05:27.0426 2992 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:05:27.0426 2992 nvstor - ok
20:05:27.0426 2992 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:05:27.0442 2992 nv_agp - ok
20:05:27.0598 2992 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:05:27.0630 2992 odserv - ok
20:05:27.0661 2992 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:05:27.0676 2992 ose - ok
20:05:27.0723 2992 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:05:27.0723 2992 p2pimsvc - ok
20:05:27.0770 2992 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\Windows\system32\p2psvc.dll
20:05:27.0786 2992 p2psvc - ok
20:05:27.0786 2992 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\Windows\System32\drivers\parport.sys
20:05:27.0786 2992 Parport - ok
20:05:27.0833 2992 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:05:27.0833 2992 partmgr - ok
20:05:27.0864 2992 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:05:27.0880 2992 PcaSvc - ok
20:05:27.0895 2992 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\Windows\system32\drivers\pci.sys
20:05:27.0911 2992 pci - ok
20:05:27.0911 2992 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\Windows\system32\drivers\pciide.sys
20:05:27.0911 2992 pciide - ok
20:05:27.0926 2992 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:05:27.0926 2992 pcmcia - ok
20:05:27.0942 2992 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\Windows\system32\drivers\pcw.sys
20:05:27.0942 2992 pcw - ok
20:05:27.0973 2992 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\Windows\system32\drivers\pdc.sys
20:05:27.0973 2992 pdc - ok
20:05:28.0005 2992 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:05:28.0020 2992 PEAUTH - ok
20:05:28.0364 2992 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:05:28.0364 2992 PerfHost - ok
20:05:28.0427 2992 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\Windows\system32\pla.dll
20:05:28.0489 2992 pla - ok
20:05:28.0536 2992 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:05:28.0552 2992 PlugPlay - ok
20:05:28.0723 2992 [ 0554C64486399581EC5686CCBB975DFE ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
20:05:28.0755 2992 PMBDeviceInfoProvider - ok
20:05:28.0770 2992 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:05:28.0770 2992 PNRPAutoReg - ok
20:05:28.0802 2992 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:05:28.0817 2992 PNRPsvc - ok
20:05:28.0864 2992 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:05:28.0880 2992 PolicyAgent - ok
20:05:28.0911 2992 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\Windows\system32\umpo.dll
20:05:28.0911 2992 Power - ok
20:05:28.0958 2992 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:05:28.0973 2992 PptpMiniport - ok
20:05:29.0130 2992 [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
20:05:29.0270 2992 PrintNotify - ok
20:05:29.0302 2992 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\Windows\System32\drivers\processr.sys
20:05:29.0317 2992 Processor - ok
20:05:29.0348 2992 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\Windows\system32\profsvc.dll
20:05:29.0364 2992 ProfSvc - ok
20:05:29.0380 2992 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:05:29.0380 2992 Psched - ok
20:05:29.0411 2992 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\Windows\system32\qwave.dll
20:05:29.0411 2992 QWAVE - ok
20:05:29.0458 2992 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:05:29.0473 2992 QWAVEdrv - ok
20:05:29.0473 2992 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:05:29.0473 2992 RasAcd - ok
20:05:29.0520 2992 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:05:29.0520 2992 RasAgileVpn - ok
20:05:29.0552 2992 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\Windows\System32\rasauto.dll
20:05:29.0552 2992 RasAuto - ok
20:05:29.0567 2992 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:05:29.0567 2992 Rasl2tp - ok
20:05:29.0598 2992 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\Windows\System32\rasmans.dll
20:05:29.0598 2992 RasMan - ok
20:05:29.0614 2992 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:05:29.0615 2992 RasPppoe - ok
20:05:29.0615 2992 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:05:29.0615 2992 RasSstp - ok
20:05:29.0646 2992 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:05:29.0662 2992 rdbss - ok
20:05:29.0678 2992 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
20:05:29.0678 2992 rdpbus - ok
20:05:29.0693 2992 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:05:29.0693 2992 RDPDR - ok
20:05:29.0740 2992 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:05:29.0740 2992 RdpVideoMiniport - ok
20:05:29.0740 2992 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:05:29.0756 2992 RDPWD - ok
20:05:29.0787 2992 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:05:29.0803 2992 rdyboost - ok
20:05:29.0834 2992 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:05:29.0849 2992 RemoteAccess - ok
20:05:29.0865 2992 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:05:29.0881 2992 RemoteRegistry - ok
20:05:29.0912 2992 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
20:05:29.0928 2992 RFCOMM - ok
20:05:29.0959 2992 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:05:29.0959 2992 RpcEptMapper - ok
20:05:30.0006 2992 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\Windows\system32\locator.exe
20:05:30.0006 2992 RpcLocator - ok
20:05:30.0037 2992 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\Windows\system32\rpcss.dll
20:05:30.0053 2992 RpcSs - ok
20:05:30.0084 2992 [ FD2F7ABB0B3C777CDC9D342CADBF0131 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:05:30.0099 2992 RSPCIESTOR - ok
20:05:30.0178 2992 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:05:30.0178 2992 rspndr - ok
20:05:30.0224 2992 [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
20:05:30.0256 2992 RTL8168 - ok
20:05:30.0303 2992 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\Windows\System32\drivers\vms3cap.sys
20:05:30.0303 2992 s3cap - ok
20:05:30.0412 2992 [ 6A28F5BB0F3CD035D12D8C105EA6ED3E ] SafeBox C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
20:05:30.0412 2992 SafeBox - ok
20:05:30.0443 2992 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\Windows\system32\lsass.exe
20:05:30.0459 2992 SamSs - ok
20:05:30.0459 2992 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:05:30.0459 2992 sbp2port - ok
20:05:30.0506 2992 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:05:30.0521 2992 SCardSvr - ok
20:05:30.0521 2992 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:05:30.0521 2992 scfilter - ok
20:05:30.0599 2992 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\Windows\system32\schedsvc.dll
20:05:30.0631 2992 Schedule - ok
20:05:30.0678 2992 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:05:30.0678 2992 SCPolicySvc - ok
20:05:30.0709 2992 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\Windows\System32\drivers\sdbus.sys
20:05:30.0724 2992 sdbus - ok
20:05:30.0740 2992 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:05:30.0740 2992 SDRSVC - ok
20:05:30.0803 2992 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\Windows\System32\drivers\sdstor.sys
20:05:30.0803 2992 sdstor - ok
20:05:30.0834 2992 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:05:30.0834 2992 secdrv - ok
20:05:30.0865 2992 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\Windows\system32\seclogon.dll
20:05:30.0865 2992 seclogon - ok
20:05:30.0896 2992 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\Windows\System32\sens.dll
20:05:30.0896 2992 SENS - ok
20:05:30.0912 2992 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:05:30.0912 2992 SensrSvc - ok
20:05:30.0912 2992 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\Windows\system32\drivers\SerCx.sys
20:05:30.0912 2992 SerCx - ok
20:05:30.0928 2992 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\Windows\System32\drivers\serenum.sys
20:05:30.0928 2992 Serenum - ok
20:05:30.0928 2992 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\Windows\System32\drivers\serial.sys
20:05:30.0959 2992 Serial - ok
20:05:30.0959 2992 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\Windows\System32\drivers\sermouse.sys
20:05:30.0959 2992 sermouse - ok
20:05:30.0990 2992 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\Windows\system32\sessenv.dll
20:05:30.0990 2992 SessionEnv - ok
20:05:31.0037 2992 [ 415B1326C40A2E1F251A3845B9C7DF31 ] SFEP C:\Windows\System32\drivers\SFEP.sys
20:05:31.0053 2992 SFEP - ok
20:05:31.0053 2992 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
20:05:31.0053 2992 sfloppy - ok
20:05:31.0084 2992 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:05:31.0099 2992 SharedAccess - ok
20:05:31.0209 2992 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:05:31.0209 2992 ShellHWDetection - ok
20:05:31.0224 2992 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:05:31.0224 2992 SiSRaid2 - ok
20:05:31.0240 2992 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:05:31.0240 2992 SiSRaid4 - ok
20:05:31.0287 2992 [ 4A2972573225A2DE4DEC0AD68529DF0F ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
20:05:31.0318 2992 SmbDrvI - ok
20:05:31.0350 2992 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:05:31.0350 2992 SNMPTRAP - ok
20:05:31.0474 2992 [ CC7041283CE3AEC7912636F0918B5A37 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
20:05:31.0506 2992 SOHCImp - ok
20:05:31.0553 2992 [ F318A96C1B42215F8A03D4325AB977AD ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
20:05:31.0599 2992 SOHDms - ok
20:05:31.0631 2992 [ 91B5B1FEC3F396A99C2AC3C37ACF84D0 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
20:05:31.0646 2992 SOHDs - ok
20:05:31.0709 2992 [ AA0F913B69BCEC9655ECAAA2312B29D9 ] SOWS C:\Windows\System32\drivers\sows.sys
20:05:31.0709 2992 SOWS - ok
20:05:31.0756 2992 [ 739A739DCC5D02FE30EDEADEBD7B9898 ] spaceport C:\Windows\system32\drivers\spaceport.sys
20:05:31.0771 2992 spaceport - ok
20:05:31.0787 2992 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
20:05:31.0787 2992 SpbCx - ok
20:05:31.0896 2992 [ C03E480E63A80D73FABE28D24D3B6B47 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
20:05:31.0928 2992 SpfService - ok
20:05:31.0990 2992 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\Windows\System32\spoolsv.exe
20:05:31.0990 2992 Spooler - ok
20:05:32.0131 2992 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\Windows\system32\sppsvc.exe
20:05:32.0271 2992 sppsvc - ok
20:05:32.0271 2992 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:05:32.0271 2992 srv - ok
20:05:32.0318 2992 [ 9912FDF63EC78E1977083E20DEAE4889 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:05:32.0318 2992 srv2 - ok
20:05:32.0335 2992 [ FD8B4F201B681C555A4AF41922C52557 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:05:32.0335 2992 srvnet - ok
20:05:32.0350 2992 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:05:32.0350 2992 SSDPSRV - ok
20:05:32.0373 2992 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:05:32.0373 2992 SstpSvc - ok
20:05:32.0400 2992 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:05:32.0400 2992 stexstor - ok
20:05:32.0463 2992 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\Windows\System32\wiaservc.dll
20:05:32.0478 2992 stisvc - ok
20:05:32.0541 2992 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\Windows\system32\drivers\storahci.sys
20:05:32.0556 2992 storahci - ok
20:05:32.0572 2992 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
20:05:32.0572 2992 storflt - ok
20:05:32.0603 2992 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\Windows\system32\storsvc.dll
20:05:32.0603 2992 StorSvc - ok
20:05:32.0619 2992 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:05:32.0619 2992 storvsc - ok
20:05:32.0650 2992 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\Windows\system32\svsvc.dll
20:05:32.0650 2992 svsvc - ok
20:05:32.0666 2992 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\Windows\System32\drivers\swenum.sys
20:05:32.0666 2992 swenum - ok
20:05:32.0697 2992 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\Windows\System32\swprv.dll
20:05:32.0713 2992 swprv - ok
20:05:32.0759 2992 [ 157DFCD1E83E964A5074742AE2DFA0C1 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:05:32.0759 2992 SynTP - ok
20:05:32.0822 2992 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\Windows\system32\sysmain.dll
20:05:32.0853 2992 SysMain - ok
20:05:32.0885 2992 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:05:32.0900 2992 SystemEventsBroker - ok
20:05:32.0916 2992 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
20:05:32.0916 2992 TabletInputService - ok
20:05:32.0931 2992 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\Windows\System32\tapisrv.dll
20:05:32.0963 2992 TapiSrv - ok
20:05:33.0041 2992 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:05:33.0119 2992 Tcpip - ok
20:05:33.0150 2992 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:05:33.0166 2992 TCPIP6 - ok
20:05:33.0213 2992 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:05:33.0213 2992 tcpipreg - ok
20:05:33.0213 2992 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:05:33.0228 2992 tdx - ok
20:05:33.0228 2992 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\Windows\System32\drivers\terminpt.sys
20:05:33.0228 2992 terminpt - ok
20:05:33.0291 2992 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\Windows\System32\termsrv.dll
20:05:33.0322 2992 TermService - ok
20:05:33.0338 2992 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\Windows\system32\themeservice.dll
20:05:33.0338 2992 Themes - ok
20:05:33.0369 2992 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\Windows\system32\mmcss.dll
20:05:33.0369 2992 THREADORDER - ok
20:05:33.0416 2992 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
20:05:33.0416 2992 TimeBroker - ok
20:05:33.0463 2992 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\Windows\system32\drivers\tpm.sys
20:05:33.0463 2992 TPM - ok
20:05:33.0478 2992 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\Windows\System32\trkwks.dll
20:05:33.0494 2992 TrkWks - ok
20:05:33.0572 2992 [ B66EE1D68197DFB9AA24F961E68ACDCC ] trufos C:\Windows\system32\DRIVERS\trufos.sys
20:05:33.0572 2992 trufos - ok
20:05:33.0635 2992 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:05:33.0635 2992 TrustedInstaller - ok
20:05:33.0681 2992 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:05:33.0681 2992 TsUsbFlt - ok
20:05:33.0697 2992 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
20:05:33.0697 2992 TsUsbGD - ok
20:05:33.0728 2992 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:05:33.0760 2992 tunnel - ok
20:05:33.0775 2992 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:05:33.0791 2992 uagp35 - ok
20:05:33.0791 2992 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
20:05:33.0791 2992 UASPStor - ok
20:05:33.0822 2992 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
20:05:33.0838 2992 UCX01000 - ok
20:05:33.0838 2992 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:05:33.0853 2992 udfs - ok
20:05:33.0963 2992 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:05:33.0963 2992 UI0Detect - ok
20:05:33.0963 2992 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:05:33.0978 2992 uliagpkx - ok
20:05:33.0978 2992 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\Windows\System32\drivers\umbus.sys
20:05:33.0978 2992 umbus - ok
20:05:33.0994 2992 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\Windows\System32\drivers\umpass.sys
20:05:33.0994 2992 UmPass - ok
20:05:34.0010 2992 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\Windows\System32\umrdp.dll
20:05:34.0025 2992 UmRdpService - ok
20:05:34.0135 2992 [ E1A119AD21F5AFE22EB516C549306D3D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:05:34.0135 2992 UNS - ok
20:05:34.0306 2992 [ 3B709E63B35A6949F4CFB05A6F6A180C ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
20:05:34.0306 2992 UPDATESRV - ok
20:05:34.0353 2992 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\Windows\System32\upnphost.dll
20:05:34.0385 2992 upnphost - ok
20:05:34.0416 2992 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
20:05:34.0416 2992 usbccgp - ok
20:05:34.0431 2992 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\Windows\System32\drivers\usbcir.sys
20:05:34.0431 2992 usbcir - ok
20:05:34.0463 2992 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\Windows\System32\drivers\usbehci.sys
20:05:34.0463 2992 usbehci - ok
20:05:34.0510 2992 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\Windows\System32\drivers\usbhub.sys
20:05:34.0525 2992 usbhub - ok
20:05:34.0541 2992 [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
20:05:34.0573 2992 USBHUB3 - ok
20:05:34.0604 2992 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\Windows\System32\drivers\usbohci.sys
20:05:34.0619 2992 usbohci - ok
20:05:34.0651 2992 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\Windows\System32\drivers\usbprint.sys
20:05:34.0651 2992 usbprint - ok
20:05:34.0666 2992 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
20:05:34.0666 2992 USBSTOR - ok
20:05:34.0698 2992 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
20:05:34.0698 2992 usbuhci - ok
20:05:34.0744 2992 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:05:34.0744 2992 usbvideo - ok
20:05:34.0791 2992 [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
20:05:34.0807 2992 USBXHCI - ok
20:05:34.0916 2992 [ A3C75F5220CAB16A29784433DC241A5B ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
20:05:34.0916 2992 VAIO Event Service - ok
20:05:35.0041 2992 [ 8EF62038EBD54C240486A36F9259C64A ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
20:05:35.0057 2992 VAIO Power Management - ok
20:05:35.0104 2992 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\Windows\system32\lsass.exe
20:05:35.0104 2992 VaultSvc - ok
20:05:35.0260 2992 [ 5B9E9B509770422967D2126E7D4F01EA ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
20:05:35.0323 2992 VCFw - ok
20:05:35.0416 2992 [ 3FD6585C0C2B3730DF30CFB8F41E1335 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
20:05:35.0416 2992 VCService - ok
20:05:35.0463 2992 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:05:35.0463 2992 vdrvroot - ok
20:05:35.0510 2992 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\Windows\System32\vds.exe
20:05:35.0526 2992 vds - ok
20:05:35.0541 2992 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
20:05:35.0541 2992 VerifierExt - ok
20:05:35.0588 2992 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
20:05:35.0604 2992 vhdmp - ok
20:05:35.0651 2992 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\Windows\system32\drivers\viaide.sys
20:05:35.0666 2992 viaide - ok
20:05:35.0666 2992 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:05:35.0682 2992 vmbus - ok
20:05:35.0682 2992 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
20:05:35.0682 2992 VMBusHID - ok
20:05:35.0776 2992 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
20:05:35.0791 2992 vmicheartbeat - ok
20:05:35.0807 2992 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:05:35.0807 2992 vmickvpexchange - ok
20:05:35.0823 2992 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\Windows\System32\ICSvc.dll
20:05:35.0823 2992 vmicrdv - ok
20:05:35.0838 2992 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\Windows\System32\ICSvc.dll
20:05:35.0838 2992 vmicshutdown - ok
20:05:35.0854 2992 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\Windows\System32\ICSvc.dll
20:05:35.0854 2992 vmictimesync - ok
20:05:35.0869 2992 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\Windows\System32\ICSvc.dll
20:05:35.0869 2992 vmicvss - ok
20:05:35.0885 2992 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:05:35.0901 2992 volmgr - ok
20:05:35.0916 2992 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:05:35.0916 2992 volmgrx - ok
20:05:35.0916 2992 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:05:35.0932 2992 volsnap - ok
20:05:35.0932 2992 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\Windows\System32\drivers\vpci.sys
20:05:35.0932 2992 vpci - ok
20:05:35.0963 2992 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:05:35.0979 2992 vsmraid - ok
20:05:36.0041 2992 [ EA658570314042C914964FC72AB50E6B ] VSS C:\Windows\system32\vssvc.exe
20:05:36.0088 2992 VSS - ok
20:05:36.0166 2992 [ F4087B2AA00D96A852B084294B2C547A ] VSSERV C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
20:05:36.0182 2992 VSSERV - ok
20:05:36.0198 2992 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
20:05:36.0198 2992 VSTXRAID - ok
20:05:36.0323 2992 [ 8B54E63C1496FE7D92135DAECEC384D1 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
20:05:36.0323 2992 VUAgent - ok
20:05:36.0338 2992 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:05:36.0338 2992 vwifibus - ok
20:05:36.0338 2992 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:05:36.0354 2992 vwififlt - ok
20:05:36.0354 2992 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:05:36.0354 2992 vwifimp - ok
20:05:36.0369 2992 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\Windows\system32\w32time.dll
20:05:36.0369 2992 W32Time - ok
20:05:36.0385 2992 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\Windows\System32\drivers\wacompen.sys
20:05:36.0385 2992 WacomPen - ok
20:05:36.0432 2992 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:05:36.0448 2992 Wanarp - ok
20:05:36.0448 2992 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:05:36.0448 2992 Wanarpv6 - ok
20:05:36.0510 2992 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\Windows\system32\wbengine.exe
20:05:36.0557 2992 wbengine - ok
20:05:36.0588 2992 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:05:36.0588 2992 WbioSrvc - ok
20:05:36.0604 2992 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
20:05:36.0620 2992 Wcmsvc - ok
20:05:36.0666 2992 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:05:36.0729 2992 wcncsvc - ok
20:05:36.0729 2992 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:05:36.0729 2992 WcsPlugInService - ok
20:05:36.0776 2992 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\Windows\system32\drivers\wd.sys
20:05:36.0776 2992 Wd - ok
20:05:36.0807 2992 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
20:05:36.0807 2992 WdBoot - ok
20:05:36.0870 2992 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:05:36.0885 2992 Wdf01000 - ok
20:05:36.0979 2992 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
20:05:36.0995 2992 WdFilter - ok
20:05:37.0010 2992 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:05:37.0010 2992 WdiServiceHost - ok
20:05:37.0041 2992 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:05:37.0057 2992 WdiSystemHost - ok
20:05:37.0088 2992 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\Windows\System32\webclnt.dll
20:05:37.0104 2992 WebClient - ok
20:05:37.0120 2992 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:05:37.0135 2992 Wecsvc - ok
20:05:37.0166 2992 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:05:37.0166 2992 wercplsupport - ok
20:05:37.0213 2992 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\Windows\System32\WerSvc.dll
20:05:37.0213 2992 WerSvc - ok
20:05:37.0260 2992 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
20:05:37.0260 2992 WFPLWFS - ok
20:05:37.0291 2992 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\Windows\System32\wiarpc.dll
20:05:37.0291 2992 WiaRpc - ok
20:05:37.0307 2992 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:05:37.0307 2992 WIMMount - ok
20:05:37.0370 2992 WinDefend - ok
20:05:37.0448 2992 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:05:37.0463 2992 WinHttpAutoProxySvc - ok
20:05:37.0666 2992 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:05:37.0666 2992 Winmgmt - ok
20:05:37.0791 2992 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\Windows\system32\WsmSvc.dll
20:05:37.0963 2992 WinRM - ok
20:05:38.0166 2992 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\Windows\System32\wlansvc.dll
20:05:38.0198 2992 WlanSvc - ok
20:05:38.0307 2992 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\Windows\system32\wlidsvc.dll
20:05:38.0432 2992 wlidsvc - ok
20:05:38.0495 2992 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
20:05:38.0495 2992 WmiAcpi - ok
20:05:38.0557 2992 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:05:38.0557 2992 wmiApSrv - ok
20:05:38.0588 2992 WMPNetworkSvc - ok
20:05:38.0604 2992 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
20:05:38.0604 2992 wpcfltr - ok
20:05:38.0682 2992 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:05:38.0682 2992 WPCSvc - ok
20:05:38.0729 2992 [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:05:38.0729 2992 WPDBusEnum - ok
20:05:38.0745 2992 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
20:05:38.0745 2992 WpdUpFltr - ok
20:05:38.0791 2992 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:05:38.0791 2992 ws2ifsl - ok
20:05:38.0823 2992 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc C:\Windows\System32\wscsvc.dll
20:05:38.0823 2992 wscsvc - ok
20:05:38.0838 2992 WSearch - ok
20:05:38.0948 2992 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\Windows\System32\WSService.dll
20:05:39.0026 2992 WSService - ok
20:05:39.0135 2992 [ 79F95469604B77296346DE7DB463EA2A ] wuauserv C:\Windows\system32\wuaueng.dll
20:05:39.0213 2992 wuauserv - ok
20:05:39.0260 2992 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:05:39.0260 2992 WudfPf - ok
20:05:39.0276 2992 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
20:05:39.0276 2992 WUDFRd - ok
20:05:39.0307 2992 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:05:39.0323 2992 wudfsvc - ok
20:05:39.0338 2992 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
20:05:39.0338 2992 WUDFWpdFs - ok
20:05:39.0401 2992 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:05:39.0401 2992 WwanSvc - ok
20:05:39.0557 2992 [ 918C73F0275D7813E6F01E100B39DBD9 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:05:39.0557 2992 ZAtheros Bt&Wlan Coex Agent - ok
20:05:39.0573 2992 ================ Scan global ===============================
20:05:39.0620 2992 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
20:05:39.0667 2992 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
20:05:39.0698 2992 [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
20:05:39.0745 2992 [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
20:05:39.0760 2992 [Global] - ok
20:05:39.0760 2992 ================ Scan MBR ==================================
20:05:39.0776 2992 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:05:39.0792 2992 \Device\Harddisk0\DR0 - ok
20:05:39.0792 2992 ================ Scan VBR ==================================
20:05:39.0792 2992 [ 6F2E1747103AA17916908AC252569DBB ] \Device\Harddisk0\DR0\Partition1
20:05:39.0792 2992 \Device\Harddisk0\DR0\Partition1 - ok
20:05:39.0854 2992 [ 0F5156587C21A08756725E2F1C960B86 ] \Device\Harddisk0\DR0\Partition2
20:05:39.0854 2992 \Device\Harddisk0\DR0\Partition2 - ok
20:05:39.0870 2992 [ E2C78C1F702A78F6623D1FCC227C777F ] \Device\Harddisk0\DR0\Partition3
20:05:39.0870 2992 \Device\Harddisk0\DR0\Partition3 - ok
20:05:39.0885 2992 [ CA139E4C6472338501A1B6ACD959D7E8 ] \Device\Harddisk0\DR0\Partition4
20:05:39.0885 2992 \Device\Harddisk0\DR0\Partition4 - ok
20:05:39.0901 2992 [ 950DE42FFCC79D95A0DAC99BCBB84925 ] \Device\Harddisk0\DR0\Partition5
20:05:39.0901 2992 \Device\Harddisk0\DR0\Partition5 - ok
20:05:39.0932 2992 [ BD14510FB0217DB719BA5166650CBB12 ] \Device\Harddisk0\DR0\Partition6
20:05:39.0932 2992 \Device\Harddisk0\DR0\Partition6 - ok
20:05:39.0932 2992 ============================================================
20:05:39.0932 2992 Scan finished
20:05:39.0932 2992 ============================================================
20:05:39.0932 3908 Detected object count: 0
20:05:39.0932 3908 Actual detected object count: 0
|
|
09.05.2013, 20:58
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mahnung mit Anhang handyshop.de JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.05.2013, 17:26
| #11 |
| | Mahnung mit Anhang handyshop.de JRT Log: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by Marko on 10.05.2013 at 17:54:32,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Successfully deleted: [File] "C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi"
Successfully deleted: [Folder] C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\crossriderapp16150@crossrider.com
Successfully deleted the following from C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\prefs.js
user_pref("extensions.crossrider.bic", "13e7f245b63f8f77f8e6b9d38e3270ac");
user_pref("extensions.crossriderapp16150.16150.InstallationThankYouPage", false);
user_pref("extensions.crossriderapp16150.16150.InstallationTime", 1367932643);
user_pref("extensions.crossriderapp16150.16150.InstallationUserSettings.searchUserConifrmation", false);
user_pref("extensions.crossriderapp16150.16150.InstallationUserSettings.setHomepage", false);
user_pref("extensions.crossriderapp16150.16150.InstallationUserSettings.setNewTab", false);
user_pref("extensions.crossriderapp16150.16150.InstallationUserSettings.setSearch", false);
user_pref("extensions.crossriderapp16150.16150.active", true);
user_pref("extensions.crossriderapp16150.16150.addressbar", "");
user_pref("extensions.crossriderapp16150.16150.addressbarenhanced", "");
user_pref("extensions.crossriderapp16150.16150.backgroundjs", "\n\n/************************************************************************************\n This is your backgr
user_pref("extensions.crossriderapp16150.16150.backgroundver", 7);
user_pref("extensions.crossriderapp16150.16150.can_run_bg_code", true);
user_pref("extensions.crossriderapp16150.16150.certdomaininstaller", "");
user_pref("extensions.crossriderapp16150.16150.changeprevious", false);
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app16150%22%3A%22app16150%22%2C%22DE%22%3A%22DE%22%7
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_css.expiration", "Sat May 11 2013 17:50:16 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_css.value", "%22.%25CSSClass%25%20%7B%5Cn%5Ctdisplay%3Anone%3B%5Cn%7D%5Cn%5Cn.%25CSSClass%25-top-left%
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_geolocation.expiration", "Tue May 14 2013 15:18:21 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_geolocation.value", "%22DE%22");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_metadata.expiration", "Sat May 11 2013 17:50:16 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A16150%2C%22appName%22%3A%22DKB-Cashback%22%2C%22lastMessageId%22%3A
user_pref("extensions.crossriderapp16150.16150.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.cookie.InstallationTime.value", "1367932643");
user_pref("extensions.crossriderapp16150.16150.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.cookie.apicalledflag.expiration", "Fri May 10 2013 18:50:13 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.cookie.apicalledflag.value", "1");
user_pref("extensions.crossriderapp16150.16150.description", "Mit der DKB-Cashback Erweiterung finden Sie schnell und einfach alle Online-Cashbacks. Somit verpassen Sie keinen
user_pref("extensions.crossriderapp16150.16150.domain", "");
user_pref("extensions.crossriderapp16150.16150.enablesearch", false);
user_pref("extensions.crossriderapp16150.16150.fbremoteurl", "");
user_pref("extensions.crossriderapp16150.16150.group", 0);
user_pref("extensions.crossriderapp16150.16150.homepage", "");
user_pref("extensions.crossriderapp16150.16150.iframe", false);
user_pref("extensions.crossriderapp16150.16150.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22D85F7D9FA8F44583A014AD7A2EECBCCDIE%22%2C%22installer_verifi
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_appVer.value", "39");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_lastVersion.value", "44");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_meta.value", "%7B%22jquery.js%22%3A%7B%22id%22%3A52772%2C%22ver%22%3A44%2C%22status%22%3A1%2C%22name%22%3A%
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_nextCheck.expiration", "Fri May 10 2013 23:50:12 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52772.expiration", "Thu Aug 08 2013 17:52:58 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52772.value", "%22/*%21%20jQuery%20v1.8.2%20jquery.com%20%7C%20jquery.org/license%20*/%5Cr%5Cn%28f
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52773.expiration", "Mon Aug 05 2013 15:18:13 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52773.value", "%22.bottomtxt%5Cn%7B%5Cncolor%3A%23ffffff%20%21important%3B%5Cnmargin-top%3A5px%20%
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52774.expiration", "Thu Aug 08 2013 17:52:58 GMT+0200");
user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52774.value", "%22/*%21%5Cr%5Cn%20*%20jQuery%20blockUI%20plugin%5Cr%5Cn%20*%20Version%202.45%20%28
user_pref("extensions.crossriderapp16150.16150.js", "\n\n /************************************************************************************\n This is your Page Code. The
user_pref("extensions.crossriderapp16150.16150.manifesturl", "");
user_pref("extensions.crossriderapp16150.16150.name", "DKB-Cashback");
user_pref("extensions.crossriderapp16150.16150.newtab", "");
user_pref("extensions.crossriderapp16150.16150.opensearch", "");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return ap
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_1.name", "base");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_1.ver", 6);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelect
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_13.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_14.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_16.name", "FFAppAPIWrapper");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_16.ver", 7);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_17.name", "jQuery");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_17.ver", 4);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.d
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_21.name", "debug");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_21.ver", 4);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b);}};appAPI.ready=fun
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_22.name", "resources");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_22.ver", 4);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferre
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_28.name", "initializer");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_28.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"unde
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_4.name", "jquery_1_7_1");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_4.ver", 4);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_47.name", "resources_background");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_47.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_5.code", "(function(f){f.ui=f.ui||{};var e=/left|center|right/,d=/top|center|bottom/,b=f.fn.position,a=f.fn.offse
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_5.name", "notifications");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_5.ver", 5);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);}
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_64.name", "appApiMessage");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_64.ver", 2);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_7.code", "appAPI.hooks={$:$jquery_171,hooks:{},addHook:function(a,b){this.hooks[a]=b;},removeHook:function(a){del
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_7.name", "hooks");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_7.ver", 2);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_72.name", "appApiValidation");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_72.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAge
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_78.ver", 3);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searchEngine\",(function(a){return function(){var f={keyDelay:1000},e,h;return{i
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_9.name", "search_engine_hook");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_9.ver", 2);
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===t
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_98.name", "omniCommands");
user_pref("extensions.crossriderapp16150.16150.plugins.plugin_98.ver", 2);
user_pref("extensions.crossriderapp16150.16150.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98");
user_pref("extensions.crossriderapp16150.16150.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,7,98,9,5,28");
user_pref("extensions.crossriderapp16150.16150.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/16150/plugins/086/ff/plugins.json");
user_pref("extensions.crossriderapp16150.16150.pluginsversion", 26);
user_pref("extensions.crossriderapp16150.16150.publisher", "dkbbrowserextension");
user_pref("extensions.crossriderapp16150.16150.searchstatus", 0);
user_pref("extensions.crossriderapp16150.16150.setnewtab", false);
user_pref("extensions.crossriderapp16150.16150.settingsurl", "");
user_pref("extensions.crossriderapp16150.16150.thankyou", "");
user_pref("extensions.crossriderapp16150.16150.updateinterval", 360);
user_pref("extensions.crossriderapp16150.16150.ver", 39);
user_pref("extensions.crossriderapp16150.adsOldValue", -1);
user_pref("extensions.crossriderapp16150.apps", "16150");
user_pref("extensions.crossriderapp16150.bic", "13e7f245b63f8f77f8e6b9d38e3270ac");
user_pref("extensions.crossriderapp16150.cid", 16150);
user_pref("extensions.crossriderapp16150.firstrun", false);
user_pref("extensions.crossriderapp16150.hadappinstalled", true);
user_pref("extensions.crossriderapp16150.installationdate", 1367932689);
user_pref("extensions.crossriderapp16150.lastcheck", 22803350);
user_pref("extensions.crossriderapp16150.lastcheckitem", 22803353);
user_pref("extensions.crossriderapp16150.modetype", "production");
user_pref("extensions.crossriderapp16150.reportInstall", true);
user_pref("extensions.crossriderapp16150.statsDailyCounter", 7);
Emptied folder: C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\minidumps [86 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.05.2013 at 17:59:24,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
adwcleaner vor Löschung: Code:
ATTFilter # AdwCleaner v2.300 - Datei am 10/05/2013 um 18:02:35 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzer : Marko - MARCO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marko\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\qphsui79.default\prefs.js
Gefunden : user_pref("extensions.crossriderapp16150.16150.backgroundjs", "\n\n/********************************[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52772.value", "%22/*%21[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.internaldb.Resources_resource_52774.value", "%22/*%21[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.js", "\n\n /****************************************[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_7.code", "appAPI.hooks={$:$jquery_171,[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searc[...]
Gefunden : user_pref("extensions.crossriderapp16150.16150.plugins.plugin_98.code", "(function(){var b=\"cr_\"+a[...]
-\\ Google Chrome v26.0.1410.64
Datei : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [2819 octets] - [10/05/2013 18:00:22]
AdwCleaner[R2].txt - [2632 octets] - [10/05/2013 18:02:35]
AdwCleaner[S1].txt - [303 octets] - [10/05/2013 18:01:37]
########## EOF - C:\AdwCleaner[R2].txt - [2751 octets] ##########
Code:
ATTFilter # AdwCleaner v2.300 - Datei am 10/05/2013 um 18:21:14 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzer : Marko - MARCO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Marko\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\qphsui79.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v26.0.1410.64
Datei : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [2819 octets] - [10/05/2013 18:00:22]
AdwCleaner[R2].txt - [2820 octets] - [10/05/2013 18:02:35]
AdwCleaner[R3].txt - [1210 octets] - [10/05/2013 18:07:41]
AdwCleaner[R4].txt - [1023 octets] - [10/05/2013 18:21:14]
AdwCleaner[S1].txt - [303 octets] - [10/05/2013 18:01:37]
AdwCleaner[S2].txt - [2882 octets] - [10/05/2013 18:02:47]
########## EOF - C:\AdwCleaner[R4].txt - [1202 octets] ##########
OTL als Anhang (zu groß) Extras Code:
ATTFilter OTL Extras logfile created on: 10.05.2013 18:08:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marko\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,95 Gb Total Physical Memory | 6,62 Gb Available Physical Memory | 83,33% Memory free
12,45 Gb Paging File | 10,98 Gb Available in Paging File | 88,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 429,66 Gb Total Space | 244,24 Gb Free Space | 56,84% Space Free | Partition Type: NTFS
Computer Name: MARCO | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- c:\program files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0951D2E1-D74F-48E6-A7CA-A6A3071D3971}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{0A25A8A7-997C-4DC9-8779-BD2AA4F16228}" = dir=out | name=mcafee security advisor for sony |
"{12A3DC6B-8C9C-4F99-A4BC-542691288871}" = dir=out | name=microsoft minesweeper |
"{12C4B2C5-0B76-4308-9642-23A404004EA6}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{1A627A81-FCDB-4359-A6B6-EE5F71972348}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{1BCB4F6F-8338-4807-88AD-2369D724CC03}" = dir=out | name=wordament |
"{1F3345A8-EF4E-47EE-9F47-74B7FD5FB935}" = dir=out | name=vaio message center |
"{21EEB5F9-1C54-47E8-A301-B801C2E644FC}" = dir=out | name=taptiles |
"{2A54FEEF-36C0-4459-BFDE-F2AD7FE846A5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2EF3358C-BF7B-49FD-9BD4-689C18387587}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{32EB4D28-D8E5-4C63-8642-4A43F5D74B69}" = dir=out | name=- games app - |
"{33FD9A5F-A647-4E92-9A80-479EF503AA89}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{4A593217-4CD8-49BD-86DA-FF46B86305E9}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5C7B4E84-413B-4A72-A8F5-75C74183C9B9}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{5C8AF4FD-B98B-4224-85C1-1B3C94730DC2}" = dir=out | name=microsoft solitaire collection |
"{61D5201F-E2BC-4C56-9780-8AC42C6C7659}" = dir=out | name=skype |
"{6B0C650C-8F1D-4F34-8A55-5233780292C5}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{6C719750-AB40-4387-8286-AD3A4507208F}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{71329C44-C82D-46AF-9FA7-F2058134448F}" = dir=out | name=vaio care |
"{7691044B-B720-4441-A2C0-F68BF373071B}" = dir=in | name=ebay |
"{7AB64358-22A3-4E58-8A53-4AD5FD599B39}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{7AE3E803-61A6-4C55-8721-CDC282158265}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8123139D-77F8-40D0-8AEE-A4B1B604A852}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{819F78F7-5827-422C-B692-A29350B02B02}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{89B8243F-6641-447A-87F3-9A24280870EB}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{8B07ACAA-6F9F-448A-9279-41FB80350F2E}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{95D2A332-8819-4B3A-B4D9-D0F3ED18A653}" = dir=in | name=vaio care |
"{99E60D6A-6C60-4122-9054-DC335F781C40}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{A8271BF6-986F-468C-BF97-B2401BD857D9}" = dir=out | name=ebay |
"{B629B822-0D5E-4A4D-934C-FFEA1C10AED2}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{C7EFD2BA-F489-49AB-8A56-10949374A4A2}" = dir=in | name=skype |
"{DD1B8599-7484-4E3A-90C5-BE70E206BC6E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{ED071BD4-FF56-4DF3-BD0E-0DD5900AA358}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{ED404449-B544-4C28-9600-F8FF7A2D4D3E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{F27AE307-315A-4504-85D2-4FDCC29F6F7A}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{FDBFAC30-24D7-4D3B-A5F1-F2A2B181A824}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{563F8449-4B3A-97E2-7A81-4F759B839A24}" = ccc-utility64
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AF091FA7-20BF-49D4-4C98-4E4AD04D6FB3}" = AMD Catalyst Install Manager
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{E0F928B4-2BB2-4D7E-B16E-2B202CB58EDE}" = VAIO Care
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Bitdefender" = Bitdefender Total Security 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{213A3194-8823-AF6B-C337-7F30BFDF6E24}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316417DF-A8D7-7205-62E1-936888623793}" = CCC Help Finnish
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F2023E0-E239-2949-FE8F-109AE94F6FEE}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D189642-1AEE-FF5C-C22B-C475E8F5277E}" = CCC Help Czech
"{51A80EB0-B405-11E1-9C1E-005056C00008}" = SCS Shortcut
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59CBE755-0DB7-6D38-7844-D3F64C02C276}" = CCC Help French
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{628B0EA5-5DDA-8B14-564C-4118AD6BB510}" = CCC Help Chinese Standard
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6422F3DE-C1B3-D119-CD48-2C5DC279848F}" = CCC Help Norwegian
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6E9E809C-11A1-8200-EC5C-11F6BF9AF20A}" = CCC Help German
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7F6E0234-231C-49C5-AB31-6BAB49E3C3A4}" = Catalyst Control Center - Branding
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{97104137-F5C1-2942-D133-7C2270A86522}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC49216-ACA9-20FA-E3B9-0086E068A54E}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A5FBFE07-B781-EFFB-35DF-257FF747FA31}" = CCC Help Russian
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{AD987AA5-9763-8B69-8DB3-7F89C4FE1E8A}" = CCC Help Hungarian
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B27588E3-A374-CC37-B0C1-3CB424620019}" = CCC Help Turkish
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B8D91D32-0820-4D76-8D95-2EB69392BA08}" = CCC Help Portuguese
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C37139BF-04DB-DF3C-19A4-99A5516C1507}" = CCC Help Chinese Traditional
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{CA17221C-586B-89E0-66CB-DA5C050BFB22}" = Catalyst Control Center Localization All
"{CD650B6A-FE79-40E0-A069-299CF6575E6B}" = XperiaLinkx86
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D8B63B13-8508-596F-8160-ACEA2FA39FA5}" = Catalyst Control Center Graphics Previews Common
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{D96F904B-1145-83E2-09B3-12153541EAF7}" = CCC Help Dutch
"{E5D82C0C-4AD7-5CC5-942C-72B749EFEE0D}" = CCC Help Korean
"{E64E9130-B2DD-3124-07BD-B767D51FDB8A}" = CCC Help Thai
"{E8597443-184D-4531-EEAE-211698F90205}" = CCC Help Danish
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EF0ACDFD-39CB-396F-1F23-EC861885DA29}" = CCC Help Polish
"{EFFEE375-EC29-15A3-5DB0-41658D9BB10C}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D2A254-F2AE-EDE4-3CD2-AD8BDCC0B255}" = CCC Help Swedish
"{F7F163E1-4BF4-E56B-E400-B97D362E17CC}" = Catalyst Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FC520B48-BFFC-A91F-64D5-213EFD759783}" = CCC Help Greek
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Google Chrome" = Google Chrome
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Intel AppUp(SM) center 38645" = Intel AppUp(SM) center
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROPLUS" = Microsoft Office Professional Plus 2007
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WTA-29194baf-f808-40ae-85e9-d2a0b0a671ce" = Heroes of Hellas 3: Athens
"WTA-3d6d0e0d-e6f5-4a20-bd8f-ff96237cd21d" = Aloha TriPeaks
"WTA-4305f2ba-da0c-4af1-9a51-5120603176a0" = Bejeweled 3
"WTA-4b7ff52f-35ca-4171-afeb-b3693a5fe53a" = Build-a-lot: On Vacation
"WTA-4d5621fd-3efc-4e71-87f6-146b24886ccb" = Plants vs. Zombies - Game of the Year
"WTA-5ae0529a-0a0a-4ff6-a9c1-6829d451afbb" = Chronicles of Albian
"WTA-745daa78-3d4d-4fd9-9341-89ad31f7f4f8" = FATE
"WTA-7dca1ce8-30cc-4ea0-91ac-0006f5790c23" = Chuzzle Deluxe
"WTA-8b05834c-d76c-4616-aae4-6ee815dd71b1" = Mystery P.I. - The London Caper
"WTA-a15f03f9-59d7-4b8e-a452-a30a6a21eac5" = Agatha Christie - Death on the Nile
"WTA-ad029ab8-73a6-4eaf-91b3-57cab26d54ce" = Cradle Of Egypt Collector's Edition
"WTA-bb11e983-9950-4822-8b16-0d06caf9721f" = Mystery of Mortlake Mansion
"WTA-cd7e4db8-39e4-486a-be09-9802da3e4436" = Luxor HD
"WTA-e142876c-4f8e-4ade-a250-8a3d89d0b950" = Mahjongg Artifacts
"WTA-f4bbbd58-2f45-4805-a267-d87e17c613b8" = Polar Bowler
"WTA-f96b33fa-0683-47e2-9476-9d6767b357c4" = Virtual Villagers 4 - The Tree of Life
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 10.05.2013 12:05:00 | Computer Name = Marco | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Content Filter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 10.05.2013 12:10:44 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
< End of report >
|
|
10.05.2013, 19:40
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mahnung mit Anhang handyshop.deCode:
ATTFilter Scan Mode: Current user
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.05.2013, 20:37
| #13 |
| | Mahnung mit Anhang handyshop.de sorry, mein Fehler. OTL Code:
ATTFilter OTL logfile created on: 10.05.2013 21:23:43 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marko\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,95 Gb Total Physical Memory | 6,57 Gb Available Physical Memory | 82,69% Memory free 12,45 Gb Paging File | 10,41 Gb Available in Paging File | 83,61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 429,66 Gb Total Space | 243,94 Gb Free Space | 56,77% Space Free | Partition Type: NTFS Computer Name: MARCO | User Name: Marko | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Marko\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\vesmgrsub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\ISB Utility\isbmgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe () PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PlayMemories Home\pmbvolumewatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) ========== Modules (No Company Name) ========== MOD - C:\Programme\Sony\VAIO Care\listener.exe () MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll () ========== Services (SafeList) ========== SRV:64bit: - (mfeicfcoreocp) -- C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe File not found SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe () SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV - (MozillaMaintenance) -- c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe (Mozilla Foundation) SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender) SRV - (NetworkSupport) -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Qualcomm Atheros Commnucations) SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) SRV - (SafeBox) -- C:\Programme\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Bitdefender) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (avckf) -- C:\Windows\SysNative\Drivers\avckf.sys (BitDefender) DRV:64bit: - (avc3) -- C:\Windows\SysNative\Drivers\avc3.sys (BitDefender) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\Drivers\bdsandbox.sys (BitDefender SRL) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (avchv) -- C:\Windows\SysNative\Drivers\avchv.sys (BitDefender) DRV:64bit: - (trufos) -- C:\Windows\SysNative\Drivers\trufos.sys (BitDefender S.R.L.) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (gzflt) -- C:\Windows\SysNative\Drivers\gzflt.sys (BitDefender LLC) DRV:64bit: - (BDVEDISK) -- C:\Windows\SysNative\Drivers\bdvedisk.sys (BitDefender) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated) DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_VDP) -- C:\Windows\SysNative\Drivers\btath_vdp.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\Drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek ) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\Drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (bdelam) -- C:\Windows\SysNative\Drivers\bdelam.sys (Bitdefender) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys (CyberLink) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\Drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\Drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\Drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\Drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\Drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (SOWS) -- C:\Windows\SysNative\Drivers\sows.sys (Sony Corporation) DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\Drivers\e1y60x64.sys (Intel Corporation) DRV - (BdfNdisf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC) DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu [binary data] IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.diesiedleronline.de/de IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes,DefaultScope = {3A787D19-3A91-49A9-A57D-E51FA6C5FD26} IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{3A787D19-3A91-49A9-A57D-E51FA6C5FD26}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\..\SearchScopes\{BC7C2E91-EF4A-46D5-88C3-83657E71D1CB}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms} IE - HKU\S-1-5-21-2775004557-157767295-234458685-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.mydealz.de/" FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..network.proxy.autoconfig_url: "https://secure.premiumize.me/aebe55ce14110e7eaa033cfa2e2f22e3/proxy.pac" FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.05.09 15:13:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.09 15:28:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.09 15:29:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.05.09 15:13:41 | 000,000,000 | ---D | M] [2013.05.09 15:25:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions [2013.02.09 13:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2013.05.10 17:58:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions [2013.05.09 15:26:13 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\qphsui79.default\extensions\foxmarks@kei.com [2013.05.08 20:27:10 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\qphsui79.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.05.09 15:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://sony13.msn.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.6 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: Google Drive = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros) O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1894D1E-4985-41E1-A93F-16481E55A7A1}: NameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.10 17:54:24 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.05.10 17:54:11 | 000,000,000 | ---D | C] -- C:\JRT [2013.05.10 17:52:37 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Marko\Desktop\JRT.exe [2013.05.09 20:25:48 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Macromedia [2013.05.09 20:25:07 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\covers [2013.05.09 20:24:34 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\logs [2013.05.09 19:58:52 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Marko\Desktop\tdsskiller.exe [2013.05.09 19:56:55 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Marko\Desktop\aswMBR.exe [2013.05.09 17:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.05.09 17:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.05.09 17:23:11 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Google [2013.05.09 16:33:26 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\WinRAR [2013.05.09 16:30:35 | 000,692,576 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.09 16:30:35 | 000,078,176 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.09 16:19:28 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice [2013.05.09 15:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013.05.09 15:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2013.05.09 15:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2013.05.09 15:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013.05.09 15:44:54 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013.05.09 15:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.05.09 15:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2013.05.09 15:41:27 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Microsoft Help [2013.05.09 15:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.05.09 15:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.05.09 15:38:29 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.09 15:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.09 15:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.05.09 15:37:28 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\lopoll [2013.05.09 15:29:30 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Thunderbird [2013.05.09 15:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.05.09 15:28:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.05.09 15:28:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.09 15:26:29 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Macromedia [2013.05.09 15:25:56 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFMediaEngine.dll [2013.05.09 15:25:56 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFMediaEngine.dll [2013.05.09 15:25:25 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Mozilla [2013.05.09 15:24:48 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll [2013.05.09 15:24:47 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2013.05.09 15:24:47 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2013.05.09 15:24:47 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2013.05.09 15:24:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2013.05.09 15:24:47 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2013.05.09 15:24:47 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2013.05.09 15:24:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2013.05.09 15:24:45 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmde.dll [2013.05.09 15:24:45 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2013.05.09 15:24:45 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmde.dll [2013.05.09 15:24:44 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll [2013.05.09 15:24:44 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll [2013.05.09 15:24:44 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll [2013.05.09 15:24:44 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevDispItemProvider.dll [2013.05.09 15:24:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevDispItemProvider.dll [2013.05.09 15:24:43 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll [2013.05.09 15:24:43 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\BCP47Langs.dll [2013.05.09 15:24:43 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl [2013.05.09 15:24:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl [2013.05.09 15:24:42 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.09 15:24:42 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.09 15:24:42 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll [2013.05.09 15:24:41 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll [2013.05.09 15:24:41 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll [2013.05.09 15:24:41 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BCP47Langs.dll [2013.05.09 15:24:41 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll [2013.05.09 15:24:41 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll [2013.05.09 15:24:41 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll [2013.05.09 15:24:41 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NdisImPlatform.dll [2013.05.09 15:24:41 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013.05.09 15:24:41 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhostex.exe [2013.05.09 15:24:40 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll [2013.05.09 15:24:40 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll [2013.05.09 15:24:40 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usbmon.dll [2013.05.09 15:24:40 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDPrintProxy.DLL [2013.05.09 15:24:36 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Security.Authentication.OnlineId.dll [2013.05.09 15:24:36 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll [2013.05.09 15:24:36 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll [2013.05.09 15:24:36 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll [2013.05.09 15:24:36 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll [2013.05.09 15:24:36 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncInfo.dll [2013.05.09 15:24:35 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Globalization.dll [2013.05.09 15:24:35 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Globalization.dll [2013.05.09 15:24:34 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll [2013.05.09 15:24:34 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TimeBrokerServer.dll [2013.05.09 15:24:34 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\discan.dll [2013.05.09 15:24:33 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.05.09 15:24:33 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.05.09 15:24:33 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.05.09 15:24:32 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll [2013.05.09 15:24:32 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2013.05.09 15:24:32 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.05.09 15:24:32 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2013.05.09 15:24:32 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2013.05.09 15:24:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2013.05.09 15:24:31 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.05.09 15:24:31 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys [2013.05.09 15:24:31 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys [2013.05.09 15:24:30 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsquirt.exe [2013.05.09 15:24:28 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys [2013.05.09 15:24:28 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys [2013.05.09 15:24:28 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storahci.sys [2013.05.09 15:24:27 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS [2013.05.09 15:24:27 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spaceport.sys [2013.05.09 15:24:27 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys [2013.05.09 15:23:51 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013.05.09 15:23:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.09 15:23:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.09 15:23:49 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.09 15:23:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.09 15:23:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.09 15:23:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.09 15:23:42 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.09 15:23:42 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.09 15:23:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.09 15:22:56 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.05.09 15:22:43 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll [2013.05.09 15:22:40 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll [2013.05.09 15:22:15 | 000,000,000 | ---D | C] -- C:\Windows.old [2013.05.09 15:21:25 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tasklist.exe [2013.05.09 15:21:25 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskkill.exe [2013.05.09 15:21:24 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskkill.exe [2013.05.09 15:21:23 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tasklist.exe [2013.05.09 15:21:22 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll [2013.05.09 15:21:22 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2013.05.09 15:21:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmsprep.dll [2013.05.09 15:21:21 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmproxy.dll [2013.05.09 15:21:20 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013.05.09 15:21:20 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2013.05.09 15:21:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2013.05.09 15:21:19 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll [2013.05.09 15:21:16 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlroamextension.dll [2013.05.09 15:21:16 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlroamextension.dll [2013.05.09 15:21:14 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.Connectivity.dll [2013.05.09 15:21:14 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hotspotauth.dll [2013.05.09 15:21:14 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll [2013.05.09 15:21:13 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll [2013.05.09 15:21:13 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll [2013.05.09 15:21:12 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WWanAPI.dll [2013.05.09 15:21:12 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WWanAPI.dll [2013.05.09 15:21:08 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll [2013.05.09 15:21:07 | 013,643,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll [2013.05.09 15:21:05 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\duser.dll [2013.05.09 15:21:01 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys [2013.05.09 15:20:54 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys [2013.05.09 15:20:48 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys [2013.05.09 15:20:47 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS [2013.05.09 15:18:13 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Thunderbird [2013.05.09 15:17:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.05.09 15:16:36 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reseteng.dll [2013.05.09 15:16:36 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll [2013.05.09 15:16:36 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll [2013.05.09 15:15:53 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe [2013.05.09 15:15:52 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncbservice.dll [2013.05.09 15:15:52 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll [2013.05.09 15:15:52 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll [2013.05.09 15:15:52 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhapi.dll [2013.05.09 15:15:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxp.dll [2013.05.09 15:15:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\keepaliveprovider.dll [2013.05.09 15:15:51 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll [2013.05.09 15:15:51 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MP4SDECD.DLL [2013.05.09 15:15:51 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL [2013.05.09 15:15:51 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.dll [2013.05.09 15:15:51 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.dll [2013.05.09 15:15:51 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll [2013.05.09 15:15:51 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll [2013.05.09 15:15:50 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.dll [2013.05.09 15:15:50 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.dll [2013.05.09 15:15:50 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaacmgr.exe [2013.05.09 15:15:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaacmgr.exe [2013.05.09 15:15:49 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidsvc.dll [2013.05.09 15:15:48 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe [2013.05.09 15:15:45 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll [2013.05.09 15:15:45 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.09 15:15:44 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll [2013.05.09 15:15:44 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.dll [2013.05.09 15:15:44 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpiowin32.sys [2013.05.09 15:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013 [2013.05.09 15:14:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll [2013.05.09 15:14:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll [2013.05.09 15:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging [2013.05.09 15:13:48 | 000,023,456 | ---- | C] (Bitdefender) -- C:\Windows\SysNative\drivers\bdelam.sys [2013.05.09 15:13:45 | 000,078,752 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys [2013.05.09 15:13:40 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll [2013.05.09 15:13:40 | 000,098,768 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\bdfndisf6.sys [2013.05.09 15:13:40 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys [2013.05.09 15:13:36 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys [2013.05.09 15:13:36 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys [2013.05.09 15:13:35 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys [2013.05.09 15:13:09 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll [2013.05.09 15:11:40 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentServer.dll [2013.05.09 15:11:40 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppXDeploymentExtensions.dll [2013.05.09 15:11:09 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Bitdefender [2013.05.09 15:11:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender [2013.05.09 15:10:38 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptsslp.dll [2013.05.09 15:10:38 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptsslp.dll [2013.05.09 15:10:04 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WebcamUi.dll [2013.05.09 15:10:04 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserLanguagesCpl.dll [2013.05.09 15:10:04 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserLanguagesCpl.dll [2013.05.09 15:10:03 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Taskmgr.exe [2013.05.09 15:10:03 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WebcamUi.dll [2013.05.09 15:10:02 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\storagewmi.dll [2013.05.09 15:10:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vds_ps.dll [2013.05.09 15:10:00 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll [2013.05.09 15:10:00 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL [2013.05.09 15:10:00 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL [2013.05.09 15:09:59 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll [2013.05.09 15:09:58 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Taskmgr.exe [2013.05.09 15:09:57 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storagewmi.dll [2013.05.09 15:09:57 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll [2013.05.09 15:09:57 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vds_ps.dll [2013.05.09 15:09:57 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsldr.exe [2013.05.09 15:09:56 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013.05.09 15:09:53 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpnapps.dll [2013.05.09 15:09:53 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpnapps.dll [2013.05.09 15:09:48 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013.05.09 15:09:48 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013.05.09 15:09:42 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthhfHid.sys [2013.05.09 15:09:42 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BtaMPM.sys [2013.05.09 15:08:12 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll [2013.05.09 15:08:11 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll [2013.05.09 15:08:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDKURD.DLL [2013.05.09 15:08:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDKURD.DLL [2013.05.09 15:08:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidi2c.sys [2013.05.09 15:07:01 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\QuickScan [2013.05.09 15:06:29 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll [2013.05.09 15:06:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2013.05.09 15:06:28 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll [2013.05.09 15:06:28 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll [2013.05.09 15:06:28 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll [2013.05.09 15:06:28 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2013.05.09 15:05:58 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys [2013.05.09 15:05:58 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys [2013.05.09 15:05:39 | 000,147,232 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys [2013.05.09 15:05:38 | 000,350,160 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys [2013.05.09 15:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender [2013.05.09 15:05:26 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\resetengmig.dll [2013.05.09 15:05:26 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysreset.exe [2013.05.09 15:04:56 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Mozilla [2013.05.09 15:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.05.09 15:04:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender [2013.05.09 15:04:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender [2013.05.09 15:04:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2013.05.09 15:03:25 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wushareduxresources.dll [2013.05.09 15:03:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2013.05.09 15:03:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaext.dll [2013.05.09 15:03:15 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\glcndFilter.dll [2013.05.09 15:03:15 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\glcndFilter.dll [2013.05.09 15:03:14 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll [2013.05.09 15:03:14 | 000,490,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll [2013.05.09 15:03:14 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll [2013.05.09 15:03:14 | 000,447,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll [2013.05.09 15:03:14 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll [2013.05.09 15:03:14 | 000,253,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe [2013.05.09 15:03:14 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll [2013.05.09 15:03:12 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll [2013.05.09 15:03:12 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll [2013.05.09 15:03:11 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe [2013.05.09 15:03:08 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2013.05.09 15:03:06 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll [2013.05.09 15:03:06 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll [2013.05.09 15:03:06 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2013.05.09 15:03:04 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2013.05.09 15:03:03 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2013.05.09 15:03:03 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFCaptureEngine.dll [2013.05.09 15:03:03 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFCaptureEngine.dll [2013.05.09 15:03:02 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll [2013.05.09 15:03:02 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll [2013.05.09 15:03:02 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll [2013.05.09 15:03:02 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll [2013.05.09 15:03:02 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll [2013.05.09 15:03:02 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl [2013.05.09 15:03:02 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll [2013.05.09 15:03:02 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl [2013.05.09 15:03:02 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnApi.dll [2013.05.09 15:03:02 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafWCN.dll [2013.05.09 15:03:02 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll [2013.05.09 15:03:02 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnApi.dll [2013.05.09 15:03:02 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfdprov.dll [2013.05.09 15:03:02 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapPeerProxy.dll [2013.05.09 15:03:02 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapAuthProxy.dll [2013.05.09 15:03:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfdprov.dll [2013.05.09 15:03:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll [2013.05.09 15:03:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll [2013.05.09 15:02:58 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe [2013.05.09 15:02:54 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013.05.09 15:02:51 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fxppm.sys [2013.05.09 15:02:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll [2013.05.09 14:59:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll [2013.05.09 14:59:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe [2013.05.09 14:59:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll [2013.05.09 14:59:19 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll [2013.05.09 14:58:11 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmpeg2srcsnk.dll [2013.05.09 14:58:10 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfnetcore.dll [2013.05.09 14:58:10 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmpeg2srcsnk.dll [2013.05.09 14:58:10 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfnetcore.dll [2013.05.09 14:58:09 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfnetsrc.dll [2013.05.09 14:58:09 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfnetsrc.dll [2013.05.09 14:56:34 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2013.05.09 14:56:31 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2013.05.09 14:56:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll [2013.05.09 14:56:25 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appserverai.dll [2013.05.09 14:56:25 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDWebAI.dll [2013.05.09 14:56:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmHostAI.dll [2013.05.09 14:52:11 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Immersive.dll [2013.05.09 14:52:10 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Immersive.dll [2013.05.09 14:52:07 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AppxSip.dll [2013.05.09 14:52:07 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AppxSip.dll [2013.05.09 14:52:06 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2013.05.09 14:52:06 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2013.05.09 14:52:06 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll [2013.05.09 14:52:06 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll [2013.05.09 14:52:05 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll [2013.05.09 14:52:05 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll [2013.05.09 14:52:03 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallAPI.dll [2013.05.09 14:52:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icfupgd.dll [2013.05.09 14:52:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfapigp.dll [2013.05.09 14:52:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfapigp.dll [2013.05.09 14:52:02 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2013.05.09 14:52:02 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2013.05.09 14:52:02 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2013.05.09 14:52:02 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2013.05.09 14:52:01 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-pdc.dll [2013.05.09 14:52:00 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll [2013.05.09 14:52:00 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PCPKsp.dll [2013.05.09 14:52:00 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BdeUISrv.exe [2013.05.09 14:52:00 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PCPKsp.dll [2013.05.09 14:51:59 | 003,554,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2013.05.09 14:51:59 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2013.05.09 14:51:59 | 002,116,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2013.05.09 14:51:59 | 001,610,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2013.05.09 14:51:59 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2013.05.09 14:51:59 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2013.05.09 14:51:59 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2013.05.09 14:51:59 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2013.05.09 14:51:59 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2013.05.09 14:51:59 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2013.05.09 14:51:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2013.05.09 14:51:59 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll [2013.05.09 14:51:59 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll [2013.05.09 14:51:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2013.05.09 14:51:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2013.05.09 14:51:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll [2013.05.09 14:51:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll [2013.05.09 14:51:57 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfmp4srcsnk.dll [2013.05.09 14:51:57 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfmp4srcsnk.dll [2013.05.09 14:51:50 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2013.05.09 14:51:48 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SpaceControl.dll [2013.05.09 14:51:48 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Storage.Compression.dll [2013.05.09 14:51:48 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Storage.Compression.dll [2013.05.09 14:51:48 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys [2013.05.09 14:51:47 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll [2013.05.09 14:51:47 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll [2013.05.09 14:51:43 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll [2013.05.09 14:51:43 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll [2013.05.09 14:51:42 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2013.05.09 14:51:42 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll [2013.05.09 14:51:42 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll [2013.05.09 14:51:40 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.05.09 14:51:40 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2013.05.09 14:51:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdhebl3.dll [2013.05.09 14:51:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdhebl3.dll [2013.05.09 14:51:39 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2013.05.09 14:51:38 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2013.05.09 14:51:38 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2013.05.09 14:51:37 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013.05.09 14:51:36 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll [2013.05.09 14:51:33 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2013.05.09 14:51:33 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SysFxUI.dll [2013.05.09 14:51:33 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys [2013.05.09 14:51:33 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys [2013.05.09 14:51:33 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdstor.sys [2013.05.09 14:51:32 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys [2013.05.09 14:50:34 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013.05.09 14:50:34 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2013.05.09 14:50:34 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnathlp.dll [2013.05.09 14:50:34 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnathlp.dll [2013.05.09 14:50:34 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnsvr.exe [2013.05.09 14:50:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhupnp.dll [2013.05.09 14:50:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnhpast.dll [2013.05.09 14:50:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhupnp.dll [2013.05.09 14:50:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnhpast.dll [2013.05.09 14:50:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnlobby.dll [2013.05.09 14:50:34 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll [2013.05.09 14:50:34 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnlobby.dll [2013.05.09 14:50:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll [2013.05.09 14:50:33 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnsvr.exe [2013.05.09 14:49:00 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll [2013.05.09 14:49:00 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll [2013.05.09 14:48:58 | 000,000,000 | -H-D | C] -- C:\$SysReset [2013.05.09 14:46:20 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgentc.exe [2013.05.09 14:46:20 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe [2013.05.09 14:46:15 | 002,893,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.05.09 14:46:15 | 002,400,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013.05.09 14:46:10 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013.05.09 14:45:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.09 14:45:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.09 14:44:59 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll [2013.05.09 14:44:59 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ndadmin.exe [2013.05.09 14:44:58 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll [2013.05.09 14:44:58 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe [2013.05.09 14:44:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe [2013.05.09 14:44:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ndadmin.exe [2013.05.09 14:44:38 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquota.dll [2013.05.09 14:44:38 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquota.dll [2013.05.09 14:44:37 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013.05.09 14:44:37 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rfxvmt.dll [2013.05.09 14:44:37 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013.05.09 14:44:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2013.05.09 14:44:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2013.05.09 14:44:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll [2013.05.09 14:44:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll [2013.05.09 14:43:09 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinapi.dll [2013.05.09 14:43:07 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll [2013.05.09 14:43:07 | 000,480,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll [2013.05.09 14:43:07 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DAFWSD.dll [2013.05.09 14:43:07 | 000,027,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\avrt.dll [2013.05.09 14:43:06 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhcfg.dll [2013.05.09 14:43:06 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhcat.dll [2013.05.09 14:43:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhengine.dll [2013.05.09 14:43:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhmanagew.exe [2013.05.09 14:43:06 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhshl.dll [2013.05.09 14:43:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhsvc.dll [2013.05.09 14:43:06 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhsrchapi.dll [2013.05.09 14:43:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhevents.dll [2013.05.09 14:43:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhsrchph.dll [2013.05.09 14:43:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhlisten.dll [2013.05.09 14:43:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhautoplay.dll [2013.05.09 14:43:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhcleanup.dll [2013.05.09 14:43:06 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhsvcctl.dll [2013.05.09 14:43:05 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fhtask.dll [2013.05.09 14:43:01 | 002,016,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll [2013.05.09 14:43:01 | 002,007,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll [2013.05.09 14:43:01 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl [2013.05.09 14:43:01 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl [2013.05.09 14:43:00 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll [2013.05.09 14:43:00 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll [2013.05.09 14:43:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013.05.09 14:43:00 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll [2013.05.09 14:42:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdbinst.exe [2013.05.09 14:42:55 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2013.05.09 14:42:55 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfctrs.dll [2013.05.09 14:42:55 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfproc.dll [2013.05.09 14:42:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfos.dll [2013.05.09 14:42:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll [2013.05.09 14:42:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfnet.dll [2013.05.09 14:42:54 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eventcls.dll [2013.05.09 14:42:53 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe [2013.05.09 14:42:53 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpremove.exe [2013.05.09 14:42:53 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LangCleanupSysprepAction.dll [2013.05.09 14:42:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MUILanguageCleanup.dll [2013.05.09 14:42:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetupproxyserv.dll [2013.05.09 14:42:52 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinapi.dll [2013.05.09 14:42:51 | 001,400,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll [2013.05.09 14:42:34 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll [2013.05.09 14:42:34 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdbinst.exe [2013.05.09 14:42:33 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll [2013.05.09 14:42:33 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe [2013.05.09 14:42:33 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll [2013.05.09 14:42:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimeng.dll [2013.05.09 14:42:32 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfos.dll [2013.05.09 14:42:32 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\microsoft-windows-kernel-power-events.dll [2013.05.09 14:42:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfctrs.dll [2013.05.09 14:42:32 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfproc.dll [2013.05.09 14:42:32 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll [2013.05.09 14:42:32 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfnet.dll [2013.05.09 14:42:31 | 001,513,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll [2013.05.09 14:42:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vsstrace.dll [2013.05.09 14:42:30 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TpmTasks.dll [2013.05.09 14:42:30 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eventcls.dll [2013.05.09 14:42:29 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll [2013.05.09 14:42:29 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2013.05.09 14:42:29 | 000,389,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll [2013.05.09 14:42:29 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapibase.dll [2013.05.09 14:42:28 | 000,062,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys [2013.05.09 14:42:23 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpcMon.exe [2013.05.09 14:42:22 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rascfg.dll [2013.05.09 14:42:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll [2013.05.09 14:42:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ndptsp.tsp [2013.05.09 14:42:22 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp [2013.05.09 14:42:22 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kmddsp.tsp [2013.05.09 14:42:22 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmxs.dll [2013.05.09 14:42:22 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasser.dll [2013.05.09 14:42:21 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rascfg.dll [2013.05.09 14:42:21 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll [2013.05.09 14:42:21 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp [2013.05.09 14:42:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmxs.dll [2013.05.09 14:42:21 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasser.dll [2013.05.09 14:42:15 | 001,304,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Media.Streaming.dll [2013.05.09 14:42:15 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Media.Streaming.dll [2013.05.09 14:42:12 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsrcsnk.dll [2013.05.09 14:42:12 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll [2013.05.09 14:42:12 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll [2013.05.09 14:42:11 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfsrcsnk.dll [2013.05.09 14:42:10 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2013.05.09 14:42:10 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfsvr.dll [2013.05.09 14:42:10 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfsvr.dll [2013.05.09 14:42:10 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvproc.dll [2013.05.09 14:42:10 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvproc.dll [2013.05.09 14:42:09 | 014,259,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2013.05.09 14:42:09 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll [2013.05.09 14:42:08 | 011,875,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2013.05.09 14:42:08 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2013.05.09 14:42:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx [2013.05.09 14:42:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll [2013.05.09 14:42:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll [2013.05.09 14:42:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx [2013.05.09 14:42:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll [2013.05.09 14:42:05 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfh264enc.dll [2013.05.09 14:42:05 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfh264enc.dll [2013.05.09 14:41:56 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2013.05.09 14:41:55 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\combase.dll [2013.05.09 14:41:55 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinTypes.dll [2013.05.09 14:41:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncHost.exe [2013.05.09 14:41:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSyncHost.exe [2013.05.09 14:41:49 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll [2013.05.09 14:41:49 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll [2013.05.09 14:41:48 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\provcore.dll [2013.05.09 14:41:48 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\provcore.dll [2013.05.09 14:41:47 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WWAHost.exe [2013.05.09 14:41:47 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WWAHost.exe [2013.05.09 14:41:45 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlidcredprov.dll [2013.05.09 14:41:45 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlidcredprov.dll [2013.05.09 14:41:44 | 001,019,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.dll [2013.05.09 14:41:44 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsSpellCheckingFacility.dll [2013.05.09 14:41:44 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpncore.dll [2013.05.09 14:41:44 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpnprv.dll [2013.05.09 14:41:44 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bisrv.dll [2013.05.09 14:41:44 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevPropMgr.dll [2013.05.09 14:41:44 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psmsrv.dll [2013.05.09 14:41:43 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ProximityService.dll [2013.05.09 14:41:42 | 003,964,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe [2013.05.09 14:41:41 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll [2013.05.09 14:41:41 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll [2013.05.09 14:41:41 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll [2013.05.09 14:41:41 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll [2013.05.09 14:41:41 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe [2013.05.09 14:41:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PackageStateRoaming.dll [2013.05.09 14:41:41 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PackageStateRoaming.dll [2013.05.09 14:41:33 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll [2013.05.09 14:41:32 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.05.09 14:41:29 | 001,701,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.05.09 14:41:27 | 003,847,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.05.09 14:41:27 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.05.09 14:41:27 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.05.09 14:41:26 | 002,367,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSService.dll [2013.05.09 14:41:26 | 002,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.05.09 14:41:25 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSClient.dll [2013.05.09 14:41:25 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSSync.dll [2013.05.09 14:41:25 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSClient.dll [2013.05.09 14:41:25 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSSync.dll [2013.05.09 14:41:21 | 000,120,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys [2013.05.09 14:41:20 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2013.05.09 14:41:20 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2013.05.09 14:41:19 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2013.05.09 14:41:18 | 001,743,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\combase.dll [2013.05.09 14:41:18 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinTypes.dll [2013.05.09 14:41:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL [2013.05.09 14:41:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\svchost.exe [2013.05.09 14:41:15 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe [2013.05.09 14:41:13 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2013.05.09 14:41:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2013.05.09 14:41:11 | 001,825,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2013.05.09 14:40:55 | 000,488,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2013.05.09 14:40:55 | 000,021,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2013.05.09 14:40:54 | 000,212,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS [2013.05.09 14:40:53 | 003,265,256 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys [2013.05.09 14:40:53 | 000,533,224 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys [2013.05.09 14:40:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool [2013.05.09 14:40:03 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013.05.09 14:39:57 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Sony Corporation [2013.05.09 14:39:38 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Power2Go8 [2013.05.09 14:39:13 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\ATI [2013.05.09 14:39:13 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\ATI [2013.05.09 14:38:42 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Sony Corporation [2013.05.09 14:38:25 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\BMExplorer [2013.05.09 14:38:05 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Atheros [2013.05.09 14:37:09 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.05.09 14:37:09 | 000,000,000 | R--D | C] -- C:\Users\Marko\Searches [2013.05.09 14:37:09 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.05.09 14:36:58 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Adobe [2013.05.09 14:36:42 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013.05.09 14:36:42 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013.05.09 14:36:41 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013.05.09 14:36:41 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2013.05.09 14:36:41 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2013.05.09 14:36:41 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013.05.09 14:36:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2013.05.09 14:36:41 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll [2013.05.09 14:31:35 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\VirtualStore [2013.05.09 14:31:22 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2013.05.09 14:31:22 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2013.05.09 14:25:28 | 000,000,000 | --SD | C] -- C:\Users\Marko\AppData\Roaming\Microsoft [2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\Favorites [2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\Desktop [2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.05.09 14:25:28 | 000,000,000 | R--D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Vorlagen [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\AppData\Local\Verlauf [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\AppData\Local\Temporary Internet Files [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Startmenü [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\SendTo [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Recent [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Netzwerkumgebung [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Lokale Einstellungen [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Documents\Eigene Videos [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Documents\Eigene Musik [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Eigene Dateien [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Documents\Eigene Bilder [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Druckumgebung [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Cookies [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\AppData\Local\Anwendungsdaten [2013.05.09 14:25:28 | 000,000,000 | -HSD | C] -- C:\Users\Marko\Anwendungsdaten [2013.05.09 14:25:28 | 000,000,000 | -H-D | C] -- C:\Users\Marko\AppData [2013.05.09 14:25:28 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Temp [2013.05.09 14:25:28 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\Microsoft [2013.05.09 14:25:28 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.05.09 14:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.05.08 16:19:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe [2013.05.07 19:33:00 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\mbar [2013.05.04 13:42:10 | 000,000,000 | ---D | C] -- C:\Users\Marko\Documents\My Recorded Scripts [2013.05.03 15:19:04 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Neuer Ordner ========== Files - Modified Within 30 Days ========== [2013.05.10 21:03:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.10 19:31:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.10 18:25:43 | 000,021,652 | ---- | M] () -- C:\Users\Marko\Desktop\OTL.zip [2013.05.10 18:10:33 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.10 18:10:33 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.10 18:10:33 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.10 18:10:33 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.10 18:10:32 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.10 18:06:18 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.10 18:04:22 | 000,424,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.10 18:04:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.05.10 18:04:01 | 2532,749,311 | -HS- | M] () -- C:\hiberfil.sys [2013.05.10 17:53:10 | 000,628,743 | ---- | M] () -- C:\Users\Marko\Desktop\adwcleaner.exe [2013.05.10 17:52:37 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Marko\Desktop\JRT.exe [2013.05.09 19:58:57 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Marko\Desktop\tdsskiller.exe [2013.05.09 19:58:37 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Marko\Desktop\aswMBR.exe [2013.05.09 19:54:33 | 000,001,030 | ---- | M] () -- C:\Users\Marko\Desktop\Festplatte APM - Verknüpfung.lnk [2013.05.09 17:27:41 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.05.09 16:30:33 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml [2013.05.09 15:40:02 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.05.09 15:29:26 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.05.09 15:28:22 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.09 15:19:46 | 000,600,339 | ---- | M] () -- C:\ProgramData\1368104719.bdinstall.bin [2013.05.09 15:14:34 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01 [2013.05.09 15:14:34 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr [2013.05.09 15:14:34 | 000,000,636 | -H-- | M] () -- C:\bdr-cf01 [2013.05.09 15:14:09 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk [2013.05.09 15:14:09 | 000,002,197 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk [2013.05.09 15:14:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf [2013.05.09 14:37:49 | 000,020,340 | ---- | M] () -- C:\Users\Marko\Desktop\Entfernte Anwendungen.html [2013.05.09 14:29:48 | 000,020,958 | ---- | M] () -- C:\Windows\diagwrn.xml [2013.05.09 14:29:47 | 000,020,958 | ---- | M] () -- C:\Windows\diagerr.xml [2013.05.08 21:52:47 | 002,277,715 | ---- | M] () -- C:\Users\Marko\Desktop\20130508_200557.jpg [2013.05.08 16:19:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe [2013.05.07 20:04:45 | 000,253,404 | -H-- | M] () -- C:\bdr-ld02 [2013.05.07 20:04:45 | 000,009,216 | -H-- | M] () -- C:\bdr-ld02.mbr [2013.05.07 20:04:45 | 000,000,638 | -H-- | M] () -- C:\bdr-cf02 [2013.05.07 19:47:30 | 000,377,856 | ---- | M] () -- C:\Users\Marko\Desktop\gmer_2.1.19163.exe [2013.05.02 19:55:40 | 000,272,870 | ---- | M] () -- C:\Users\Marko\Desktop\hm.oxps [2013.04.17 14:59:58 | 000,593,144 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys [2013.04.17 14:59:56 | 000,718,840 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys [2013.04.12 17:39:26 | 009,892,886 | ---- | M] () -- C:\Users\Marko\Documents\Laziska-rysunek-planu-XXXVI_238_10-Model.jpg [2013.04.12 17:19:12 | 038,516,263 | -H-- | M] () -- C:\bdr-im02.gz ========== Files Created - No Company Name ========== [2013.05.10 18:25:43 | 000,021,652 | ---- | C] () -- C:\Users\Marko\Desktop\OTL.zip [2013.05.10 18:04:10 | 000,424,616 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.10 17:53:10 | 000,628,743 | ---- | C] () -- C:\Users\Marko\Desktop\adwcleaner.exe [2013.05.09 19:54:33 | 000,001,030 | ---- | C] () -- C:\Users\Marko\Desktop\Festplatte APM - Verknüpfung.lnk [2013.05.09 17:27:41 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.05.09 17:26:36 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.09 17:26:34 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.09 16:30:33 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml [2013.05.09 15:40:02 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.05.09 15:29:26 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2013.05.09 15:29:26 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.05.09 15:28:22 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.05.09 15:28:22 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.09 15:24:36 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013.05.09 15:19:45 | 000,600,339 | ---- | C] () -- C:\ProgramData\1368104719.bdinstall.bin [2013.05.09 15:14:34 | 000,000,636 | -H-- | C] () -- C:\bdr-cf01 [2013.05.09 15:14:09 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk [2013.05.09 15:14:09 | 000,002,197 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security 2013.lnk [2013.05.09 15:14:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf [2013.05.09 15:11:04 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01 [2013.05.09 15:11:04 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr [2013.05.09 15:10:57 | 038,516,263 | -H-- | C] () -- C:\bdr-im01.gz [2013.05.09 15:10:57 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01 [2013.05.09 14:41:25 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll [2013.05.09 14:41:25 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2013.05.09 14:37:49 | 000,020,340 | ---- | C] () -- C:\Users\Marko\Desktop\Entfernte Anwendungen.html [2013.05.09 14:36:58 | 000,001,438 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.05.09 14:36:50 | 000,002,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk [2013.05.09 14:25:20 | 000,020,958 | ---- | C] () -- C:\Windows\diagwrn.xml [2013.05.09 14:25:20 | 000,020,958 | ---- | C] () -- C:\Windows\diagerr.xml [2013.05.08 21:52:46 | 002,277,715 | ---- | C] () -- C:\Users\Marko\Desktop\20130508_200557.jpg [2013.05.07 19:47:29 | 000,377,856 | ---- | C] () -- C:\Users\Marko\Desktop\gmer_2.1.19163.exe [2013.05.02 19:55:38 | 000,272,870 | ---- | C] () -- C:\Users\Marko\Desktop\hm.oxps [2013.04.12 17:39:25 | 009,892,886 | ---- | C] () -- C:\Users\Marko\Documents\Laziska-rysunek-planu-XXXVI_238_10-Model.jpg [2013.01.17 20:07:07 | 000,010,495 | ---- | C] () -- C:\Users\Marko\Giemza_elster_2048.pfx [2013.01.07 19:36:11 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2013.01.07 18:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.08.21 12:02:51 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.08.21 12:02:51 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.08.21 12:02:50 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
|
10.05.2013, 20:38
| #14 |
| | Mahnung mit Anhang handyshop.de und Extras Code:
ATTFilter OTL Extras logfile created on: 10.05.2013 21:23:43 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marko\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,95 Gb Total Physical Memory | 6,57 Gb Available Physical Memory | 82,69% Memory free
12,45 Gb Paging File | 10,41 Gb Available in Paging File | 83,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 429,66 Gb Total Space | 243,94 Gb Free Space | 56,77% Space Free | Partition Type: NTFS
Computer Name: MARCO | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2775004557-157767295-234458685-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- c:\program files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0951D2E1-D74F-48E6-A7CA-A6A3071D3971}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{0A25A8A7-997C-4DC9-8779-BD2AA4F16228}" = dir=out | name=mcafee security advisor for sony |
"{12A3DC6B-8C9C-4F99-A4BC-542691288871}" = dir=out | name=microsoft minesweeper |
"{12C4B2C5-0B76-4308-9642-23A404004EA6}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{1A627A81-FCDB-4359-A6B6-EE5F71972348}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{1BCB4F6F-8338-4807-88AD-2369D724CC03}" = dir=out | name=wordament |
"{1F3345A8-EF4E-47EE-9F47-74B7FD5FB935}" = dir=out | name=vaio message center |
"{21EEB5F9-1C54-47E8-A301-B801C2E644FC}" = dir=out | name=taptiles |
"{2A54FEEF-36C0-4459-BFDE-F2AD7FE846A5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2EF3358C-BF7B-49FD-9BD4-689C18387587}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{32EB4D28-D8E5-4C63-8642-4A43F5D74B69}" = dir=out | name=- games app - |
"{33FD9A5F-A647-4E92-9A80-479EF503AA89}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{4A593217-4CD8-49BD-86DA-FF46B86305E9}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5C7B4E84-413B-4A72-A8F5-75C74183C9B9}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{5C8AF4FD-B98B-4224-85C1-1B3C94730DC2}" = dir=out | name=microsoft solitaire collection |
"{61D5201F-E2BC-4C56-9780-8AC42C6C7659}" = dir=out | name=skype |
"{6B0C650C-8F1D-4F34-8A55-5233780292C5}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{6C719750-AB40-4387-8286-AD3A4507208F}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{71329C44-C82D-46AF-9FA7-F2058134448F}" = dir=out | name=vaio care |
"{7691044B-B720-4441-A2C0-F68BF373071B}" = dir=in | name=ebay |
"{7AB64358-22A3-4E58-8A53-4AD5FD599B39}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{7AE3E803-61A6-4C55-8721-CDC282158265}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8123139D-77F8-40D0-8AEE-A4B1B604A852}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{819F78F7-5827-422C-B692-A29350B02B02}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{89B8243F-6641-447A-87F3-9A24280870EB}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{8B07ACAA-6F9F-448A-9279-41FB80350F2E}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{95D2A332-8819-4B3A-B4D9-D0F3ED18A653}" = dir=in | name=vaio care |
"{99E60D6A-6C60-4122-9054-DC335F781C40}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{A8271BF6-986F-468C-BF97-B2401BD857D9}" = dir=out | name=ebay |
"{B629B822-0D5E-4A4D-934C-FFEA1C10AED2}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{C7EFD2BA-F489-49AB-8A56-10949374A4A2}" = dir=in | name=skype |
"{DD1B8599-7484-4E3A-90C5-BE70E206BC6E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{ED071BD4-FF56-4DF3-BD0E-0DD5900AA358}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{ED404449-B544-4C28-9600-F8FF7A2D4D3E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{F27AE307-315A-4504-85D2-4FDCC29F6F7A}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{FDBFAC30-24D7-4D3B-A5F1-F2A2B181A824}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{563F8449-4B3A-97E2-7A81-4F759B839A24}" = ccc-utility64
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AF091FA7-20BF-49D4-4C98-4E4AD04D6FB3}" = AMD Catalyst Install Manager
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{E0F928B4-2BB2-4D7E-B16E-2B202CB58EDE}" = VAIO Care
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Bitdefender" = Bitdefender Total Security 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{10DD6128-A810-4A90-9523-475D573FBB37}" = PlayMemories Home
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{213A3194-8823-AF6B-C337-7F30BFDF6E24}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316417DF-A8D7-7205-62E1-936888623793}" = CCC Help Finnish
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F2023E0-E239-2949-FE8F-109AE94F6FEE}" = CCC Help Japanese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D189642-1AEE-FF5C-C22B-C475E8F5277E}" = CCC Help Czech
"{51A80EB0-B405-11E1-9C1E-005056C00008}" = SCS Shortcut
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{59CBE755-0DB7-6D38-7844-D3F64C02C276}" = CCC Help French
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{628B0EA5-5DDA-8B14-564C-4118AD6BB510}" = CCC Help Chinese Standard
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6422F3DE-C1B3-D119-CD48-2C5DC279848F}" = CCC Help Norwegian
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6E9E809C-11A1-8200-EC5C-11F6BF9AF20A}" = CCC Help German
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony" = WildTangent Games App
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{7F6E0234-231C-49C5-AB31-6BAB49E3C3A4}" = Catalyst Control Center - Branding
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{97104137-F5C1-2942-D133-7C2270A86522}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BC49216-ACA9-20FA-E3B9-0086E068A54E}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A5FBFE07-B781-EFFB-35DF-257FF747FA31}" = CCC Help Russian
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{AD987AA5-9763-8B69-8DB3-7F89C4FE1E8A}" = CCC Help Hungarian
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B27588E3-A374-CC37-B0C1-3CB424620019}" = CCC Help Turkish
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B8D91D32-0820-4D76-8D95-2EB69392BA08}" = CCC Help Portuguese
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C37139BF-04DB-DF3C-19A4-99A5516C1507}" = CCC Help Chinese Traditional
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{CA17221C-586B-89E0-66CB-DA5C050BFB22}" = Catalyst Control Center Localization All
"{CD650B6A-FE79-40E0-A069-299CF6575E6B}" = XperiaLinkx86
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D8B63B13-8508-596F-8160-ACEA2FA39FA5}" = Catalyst Control Center Graphics Previews Common
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{D96F904B-1145-83E2-09B3-12153541EAF7}" = CCC Help Dutch
"{E5D82C0C-4AD7-5CC5-942C-72B749EFEE0D}" = CCC Help Korean
"{E64E9130-B2DD-3124-07BD-B767D51FDB8A}" = CCC Help Thai
"{E8597443-184D-4531-EEAE-211698F90205}" = CCC Help Danish
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{EF0ACDFD-39CB-396F-1F23-EC861885DA29}" = CCC Help Polish
"{EFFEE375-EC29-15A3-5DB0-41658D9BB10C}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D2A254-F2AE-EDE4-3CD2-AD8BDCC0B255}" = CCC Help Swedish
"{F7F163E1-4BF4-E56B-E400-B97D362E17CC}" = Catalyst Control Center
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FC520B48-BFFC-A91F-64D5-213EFD759783}" = CCC Help Greek
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Google Chrome" = Google Chrome
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"Intel AppUp(SM) center 38645" = Intel AppUp(SM) center
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROPLUS" = Microsoft Office Professional Plus 2007
"WildTangent sony Master Uninstall" = WildTangent-Spiele
"WTA-29194baf-f808-40ae-85e9-d2a0b0a671ce" = Heroes of Hellas 3: Athens
"WTA-3d6d0e0d-e6f5-4a20-bd8f-ff96237cd21d" = Aloha TriPeaks
"WTA-4305f2ba-da0c-4af1-9a51-5120603176a0" = Bejeweled 3
"WTA-4b7ff52f-35ca-4171-afeb-b3693a5fe53a" = Build-a-lot: On Vacation
"WTA-4d5621fd-3efc-4e71-87f6-146b24886ccb" = Plants vs. Zombies - Game of the Year
"WTA-5ae0529a-0a0a-4ff6-a9c1-6829d451afbb" = Chronicles of Albian
"WTA-745daa78-3d4d-4fd9-9341-89ad31f7f4f8" = FATE
"WTA-7dca1ce8-30cc-4ea0-91ac-0006f5790c23" = Chuzzle Deluxe
"WTA-8b05834c-d76c-4616-aae4-6ee815dd71b1" = Mystery P.I. - The London Caper
"WTA-a15f03f9-59d7-4b8e-a452-a30a6a21eac5" = Agatha Christie - Death on the Nile
"WTA-ad029ab8-73a6-4eaf-91b3-57cab26d54ce" = Cradle Of Egypt Collector's Edition
"WTA-bb11e983-9950-4822-8b16-0d06caf9721f" = Mystery of Mortlake Mansion
"WTA-cd7e4db8-39e4-486a-be09-9802da3e4436" = Luxor HD
"WTA-e142876c-4f8e-4ade-a250-8a3d89d0b950" = Mahjongg Artifacts
"WTA-f4bbbd58-2f45-4805-a267-d87e17c613b8" = Polar Bowler
"WTA-f96b33fa-0683-47e2-9476-9d6767b357c4" = Virtual Villagers 4 - The Tree of Life
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 10.05.2013 12:05:00 | Computer Name = Marco | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Content Filter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 10.05.2013 12:10:44 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
Error - 10.05.2013 15:09:12 | Computer Name = Marco | Source = bowser | ID = 8003
Description =
< End of report >
|
|
10.05.2013, 20:48
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Mahnung mit Anhang handyshop.de Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Mahnung mit Anhang handyshop.de |
| msdos.exe, windows 8 64, windows 8 64 bit |
Linear-Darstellung
