Log analysis and evaluation: TR/Click.Age.245760 in C:\Windows\SysWOW64\SUSB.exe (Windows 7)
31.08.2013, 16:03 | #1 |
TR/Click.Age.245760 in C:\Windows\SysWOW64\SUSB.exe

Hello,

my friend had a setup file for a computer game on her USB stick, which she gave me. So I ran the setup file and the installation completed. At the end of the installation Avira notified me that it had blocked access by the program because it contained an unwanted program or a virus. Avira reported that it had found the Trojan horse TR/Click.Age.245760 in C:\Windows\SysWOW64\SUSB.exe. Avira also asked whether I wanted to remove the program, so I clicked Remove. However, it looks as though Avira did not remove the virus, or could not remove it, because the malware is only shown as found (see screenshot bild).

In hindsight I realize that the setup file cannot possibly have been the setup file of the game in question. I rather think that I installed a virus directly onto my laptop through that file.

I carried out all the steps of the "Guide for those seeking help with Trojan and virus infections", but during "Step 3: Scan with GMER" three error messages appeared, one before the scan and two after the scan (see screenshots bild1, bild2, bild3).

I would now like to know how I can remove the Trojan from my laptop again. And I don't know whether it matters, but I have Windows 8.

Here are the log files and screenshots. Many thanks in advance.

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:29 on 31/08/2013 (Nicole)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 03 Ran by Nicole (administrator) on *** on 31-08-2013 15:37:57 Running from C:\Users\Nicole\Desktop Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Apple Inc.) 
C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-18] (Realtek Semiconductor) HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-13] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-13] (Atheros Communications) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-27] (Synaptics Incorporated) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-28] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation) HKLM-x32\...\Run: [Intel AT Service signup] - c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe [382976 2012-02-15] (Intel Corporation) HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files 
(x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) Startup: C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - DefaultScope {083BDFAB-821E-4F76-81A0-9B455DD1CB1F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS SearchScopes: HKCU - {083BDFAB-821E-4F76-81A0-9B455DD1CB1F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS SearchScopes: HKCU - {47D16D1C-765B-469E-B72A-A91729F2E5C4} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms} BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\v9ulvmau.default FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\v9ulvmau.default\Extensions\ich@maltegoetz.de FF Extension: ffextension - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\v9ulvmau.default\Extensions\ffextension@weheartit.com.xpi FF Extension: firefox - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\v9ulvmau.default\Extensions\firefox@ghostery.com.xpi FF Extension: No Name - C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\v9ulvmau.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Extension: (Docs) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 CHR Extension: (Google Drive) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 CHR Extension: (YouTube) - C:\Users\Nicole\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 CHR Extension: (Google Search) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 CHR Extension: (Gmail) - C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-13] (Qualcomm Atheros Commnucations) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1266336 2012-07-24] (Sony Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-13] (Atheros) S2 McOobeSv2; "C:\Program Files\Common 
Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x] ==================== Drivers (Whitelisted) ==================== S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-08-03] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-05-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-05-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-05-26] (Avira Operations GmbH & Co. KG) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-13] (Qualcomm Atheros) R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-08-13] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated) R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [203672 2013-06-04] (DEVGURU Co., LTD.(www.devguru.co.kr)) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-31 15:34 - 2013-08-31 15:35 - 00000000 ____D C:\Users\Nicole\Desktop\bilder 2013-08-31 15:34 - 2013-08-31 15:34 - 01589756 _____ (Farbar) C:\Users\Nicole\Desktop\FRST64.exe 2013-08-31 15:29 - 2013-08-31 15:29 - 00000474 _____ C:\Users\Nicole\Desktop\defogger_disable.log 2013-08-31 15:29 - 2013-08-31 15:29 - 00000000 _____ C:\Users\Nicole\defogger_reenable 2013-08-31 15:28 - 2013-08-31 15:28 - 00050477 _____ C:\Users\Nicole\Desktop\Defogger.exe 2013-08-31 15:05 - 2013-08-31 15:05 - 00000000 ____D C:\Program Files (x86)\Chicken Invaders 1,2,3,4 Collection 2013-08-31 13:12 - 2013-08-31 13:12 - 00000000 ____D C:\Users\Nicole\Desktop\Chicken Invaders 2 Christmas Edition 2013-08-31 13:02 - 2013-08-31 13:02 - 00001334 _____ 
C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders TNW demo.lnk 2013-08-30 23:27 - 2013-08-30 23:27 - 00000000 ____D C:\ProgramData\Intenium 2013-08-30 23:08 - 2013-08-31 13:12 - 00000000 ____D C:\ProgramData\InterAction studios 2013-08-30 23:04 - 2013-08-30 23:04 - 00001385 _____ C:\Users\Public\Desktop\Die verzauberten Inseln.lnk 2013-08-30 23:04 - 2013-08-30 23:04 - 00001290 _____ C:\Users\Public\Desktop\Beetle Ju 3 Special.lnk 2013-08-30 23:03 - 2013-08-30 23:04 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT 2013-08-30 23:03 - 2013-08-30 23:03 - 00000000 ____D C:\Program Files (x86)\OXXOGames 2013-08-28 21:32 - 2013-08-28 21:33 - 00000000 ____D C:\Users\Nicole\Daydream Nation 2013-08-28 15:21 - 2013-08-28 15:21 - 00000000 ____D C:\Users\Nicole\Sonic Youth 2013-08-27 22:49 - 2013-08-27 22:49 - 00000000 ____D C:\Users\Nicole\The Pixies 2013-08-27 21:52 - 2013-08-27 21:52 - 00000000 ____D C:\Users\Nicole\The Sonics 2013-08-27 15:55 - 2013-08-28 16:53 - 00000000 ____D C:\Users\Nicole\Desktop\KK 2013-08-27 15:47 - 2013-08-27 15:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf 2013-08-26 11:13 - 2013-08-26 11:14 - 00000000 ____D C:\Users\Nicole\Desktop\SharePod 2013-08-23 13:29 - 2013-08-23 13:29 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\Nitro 2013-08-23 13:29 - 2013-08-23 13:29 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\FileOpen 2013-08-23 13:29 - 2013-08-23 13:29 - 00000000 ____D C:\ProgramData\Nitro 2013-08-23 13:29 - 2013-08-23 13:29 - 00000000 ____D C:\ProgramData\FileOpen 2013-08-23 13:28 - 2013-08-23 13:28 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\Downloaded Installations 2013-08-23 13:26 - 2013-08-23 13:27 - 15911976 _____ (Geek Software GmbH ) C:\Users\Nicole\Desktop\pdf24-creator-5.7.0.exe 2013-08-23 13:26 - 2013-08-23 13:26 - 01678960 _____ (Solid State Networks) C:\Users\Nicole\Desktop\nitro_pdf_reader3565_64_dlm.exe 2013-08-22 21:30 - 2013-08-24 07:05 - 
00000000 ____D C:\Users\Nicole\Desktop\Mamas Bilder 2013-08-18 15:58 - 2013-08-24 12:22 - 00000000 ____D C:\Users\Nicole\Desktop\Dokumente 2013-08-18 15:00 - 2013-08-18 15:01 - 00000000 ____D C:\Users\Nicole\MGMT 2013-08-18 13:08 - 2013-08-30 21:35 - 00000000 ____D C:\Users\Nicole\Kleidung 2013-08-18 00:18 - 2013-08-18 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-15 13:54 - 2013-08-15 13:55 - 00000000 ____D C:\Windows\system32\MRT 2013-08-14 18:37 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2013-08-14 18:37 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2013-08-14 11:07 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 11:07 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 11:07 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-14 11:06 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 11:06 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 11:06 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2013-08-14 11:06 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2013-08-14 11:06 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-14 11:06 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) 
C:\Windows\system32\iertutil.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 11:06 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-14 11:06 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 11:06 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-14 11:06 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-14 11:06 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-08-14 11:06 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-14 11:06 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-14 11:06 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-14 11:06 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-14 11:06 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-14 11:06 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-14 11:06 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-14 11:06 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 
2013-08-14 11:06 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-14 11:06 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-14 11:06 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-14 11:06 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2013-08-14 11:04 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 11:04 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 11:04 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 11:04 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2013-08-14 11:04 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2013-08-14 11:04 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-14 11:04 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-14 11:04 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2013-08-14 11:04 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2013-08-12 13:31 - 2013-08-12 13:31 - 00000834 _____ C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free_Encoder_Pack_2013-05-29.lnk 2013-08-11 23:03 - 2013-08-11 23:03 - 00000295 _____ C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb (2).lnk 2013-08-10 13:24 - 2013-08-10 13:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-08-05 13:36 - 2013-08-08 16:13 - 00000000 ____D C:\Users\Nicole\Krasse Songs 2013-08-03 15:50 - 2013-08-03 15:50 - 00125440 _____ 
C:\Windows\system32\Drivers\acedrv07.sys 2013-08-03 15:50 - 2013-08-03 15:50 - 00081920 _____ C:\Windows\SysWOW64\acedrv07.dll 2013-08-03 15:44 - 2013-08-03 15:44 - 00000000 ____D C:\Program Files\PONS 2013-08-03 15:39 - 2013-08-03 15:39 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-08-03 15:39 - 2013-08-03 15:39 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-08-03 15:39 - 2013-08-03 15:39 - 00000000 ____D C:\Program Files\CCleaner 2013-08-03 15:33 - 2013-08-03 15:34 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry 2013-08-03 15:32 - 2013-08-03 15:32 - 00003138 _____ C:\Windows\System32\Tasks\{07B1CCAA-CB3A-4FDB-BE5A-F7491071ABE4} 2013-08-03 15:32 - 2013-08-03 15:32 - 00000000 ___HD C:\Users\Nicole\InstallAnywhere 2013-08-03 13:57 - 2013-08-03 15:56 - 00000000 ___HD C:\Users\Nicole\Zero G Registry 2013-08-03 12:17 - 2013-08-03 16:01 - 00000000 ____D C:\Users\Nicole\Desktop\Unknown Artist ==================== One Month Modified Files and Folders ======= 2013-08-31 15:37 - 2013-08-31 15:37 - 00000000 ____D C:\FRST 2013-08-31 15:35 - 2013-08-31 15:34 - 00000000 ____D C:\Users\Nicole\Desktop\bilder 2013-08-31 15:34 - 2013-08-31 15:34 - 01589756 _____ (Farbar) C:\Users\Nicole\Desktop\FRST64.exe 2013-08-31 15:32 - 2012-11-02 06:00 - 01498583 _____ C:\Windows\WindowsUpdate.log 2013-08-31 15:29 - 2013-08-31 15:29 - 00000474 _____ C:\Users\Nicole\Desktop\defogger_disable.log 2013-08-31 15:29 - 2013-08-31 15:29 - 00000000 _____ C:\Users\Nicole\defogger_reenable 2013-08-31 15:29 - 2013-04-25 11:09 - 00000000 ____D C:\Users\Nicole 2013-08-31 15:28 - 2013-08-31 15:28 - 00050477 _____ C:\Users\Nicole\Desktop\Defogger.exe 2013-08-31 15:28 - 2013-05-01 20:22 - 13923840 ___SH C:\Users\Nicole\Downloads\Thumbs.db 2013-08-31 15:06 - 2013-04-25 11:13 - 00000000 ___RD C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-08-31 15:05 - 2013-08-31 15:05 - 00000000 ____D C:\Program Files (x86)\Chicken Invaders 1,2,3,4 
Collection 2013-08-31 15:03 - 2013-04-25 11:19 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2782182452-3932659577-1836125939-1001 2013-08-31 15:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru 2013-08-31 14:45 - 2013-04-26 11:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-31 14:40 - 2013-04-25 12:13 - 31370752 ___SH C:\Users\Nicole\Desktop\Thumbs.db 2013-08-31 13:12 - 2013-08-31 13:12 - 00000000 ____D C:\Users\Nicole\Desktop\Chicken Invaders 2 Christmas Edition 2013-08-31 13:12 - 2013-08-30 23:08 - 00000000 ____D C:\ProgramData\InterAction studios 2013-08-31 13:04 - 2012-11-02 05:32 - 00754172 _____ C:\Windows\system32\perfh007.dat 2013-08-31 13:04 - 2012-11-02 05:32 - 00156362 _____ C:\Windows\system32\perfc007.dat 2013-08-31 13:04 - 2012-07-26 09:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-31 13:02 - 2013-08-31 13:02 - 00001334 _____ C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders TNW demo.lnk 2013-08-30 23:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-08-30 23:27 - 2013-08-30 23:27 - 00000000 ____D C:\ProgramData\Intenium 2013-08-30 23:04 - 2013-08-30 23:04 - 00001385 _____ C:\Users\Public\Desktop\Die verzauberten Inseln.lnk 2013-08-30 23:04 - 2013-08-30 23:04 - 00001290 _____ C:\Users\Public\Desktop\Beetle Ju 3 Special.lnk 2013-08-30 23:04 - 2013-08-30 23:03 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT 2013-08-30 23:03 - 2013-08-30 23:03 - 00000000 ____D C:\Program Files (x86)\OXXOGames 2013-08-30 21:35 - 2013-08-18 13:08 - 00000000 ____D C:\Users\Nicole\Kleidung 2013-08-28 21:33 - 2013-08-28 21:32 - 00000000 ____D C:\Users\Nicole\Daydream Nation 2013-08-28 16:53 - 2013-08-27 15:55 - 00000000 ____D C:\Users\Nicole\Desktop\KK 2013-08-28 15:21 - 2013-08-28 15:21 - 00000000 ____D C:\Users\Nicole\Sonic Youth 2013-08-28 11:39 - 2013-07-28 21:14 - 00000000 ____D C:\Users\Nicole\Let 
There Be Rock (Australian) 2013-08-27 22:49 - 2013-08-27 22:49 - 00000000 ____D C:\Users\Nicole\The Pixies 2013-08-27 21:52 - 2013-08-27 21:52 - 00000000 ____D C:\Users\Nicole\The Sonics 2013-08-27 15:47 - 2013-08-27 15:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf 2013-08-26 11:14 - 2013-08-26 11:13 - 00000000 ____D C:\Users\Nicole\Desktop\SharePod 2013-08-24 12:22 - 2013-08-18 15:58 - 00000000 ____D C:\Users\Nicole\Desktop\Dokumente 2013-08-24 07:05 - 2013-08-22 21:30 - 00000000 ____D C:\Users\Nicole\Desktop\Mamas Bilder 2013-08-23 13:29 - 2013-08-23 13:29 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\Nitro 2013-08-23 13:29 - 2013-08-23 13:29 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\FileOpen 2013-08-23 13:29 - 2013-08-23 13:29 - 00000000 ____D C:\ProgramData\Nitro 2013-08-23 13:29 - 2013-08-23 13:29 - 00000000 ____D C:\ProgramData\FileOpen 2013-08-23 13:28 - 2013-08-23 13:28 - 00000000 ____D C:\Users\Nicole\AppData\Roaming\Downloaded Installations 2013-08-23 13:27 - 2013-08-23 13:26 - 15911976 _____ (Geek Software GmbH ) C:\Users\Nicole\Desktop\pdf24-creator-5.7.0.exe 2013-08-23 13:26 - 2013-08-23 13:26 - 01678960 _____ (Solid State Networks) C:\Users\Nicole\Desktop\nitro_pdf_reader3565_64_dlm.exe 2013-08-22 13:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF 2013-08-20 19:45 - 2013-04-26 11:56 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-18 15:01 - 2013-08-18 15:00 - 00000000 ____D C:\Users\Nicole\MGMT 2013-08-18 12:27 - 2013-04-25 11:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-18 00:18 - 2013-08-18 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-15 20:33 - 2013-06-10 00:32 - 00000000 ____D C:\Windows\Minidump 2013-08-15 18:51 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-15 13:57 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender 2013-08-15 13:57 - 2012-07-26 10:12 - 
00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-15 13:57 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-15 13:55 - 2013-08-15 13:54 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 13:54 - 2013-04-27 12:10 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 13:31 - 2013-08-12 13:31 - 00000834 _____ C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free_Encoder_Pack_2013-05-29.lnk
2013-08-11 23:03 - 2013-08-11 23:03 - 00000295 _____ C:\Users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb (2).lnk
2013-08-10 13:24 - 2013-08-10 13:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-08-08 16:13 - 2013-08-05 13:36 - 00000000 ____D C:\Users\Nicole\Krasse Songs
2013-08-03 16:01 - 2013-08-03 12:17 - 00000000 ____D C:\Users\Nicole\Desktop\Unknown Artist
2013-08-03 15:56 - 2013-08-03 13:57 - 00000000 ___HD C:\Users\Nicole\Zero G Registry
2013-08-03 15:50 - 2013-08-03 15:50 - 00125440 _____ C:\Windows\system32\Drivers\acedrv07.sys
2013-08-03 15:50 - 2013-08-03 15:50 - 00081920 _____ C:\Windows\SysWOW64\acedrv07.dll
2013-08-03 15:44 - 2013-08-03 15:44 - 00000000 ____D C:\Program Files\PONS
2013-08-03 15:40 - 2013-04-25 11:51 - 00000000 ____D C:\Users\Nicole\AppData\Local\CrashDumps
2013-08-03 15:40 - 2012-08-03 03:59 - 00000000 ____D C:\Windows\Panther
2013-08-03 15:39 - 2013-08-03 15:39 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-03 15:39 - 2013-08-03 15:39 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-03 15:39 - 2013-08-03 15:39 - 00000000 ____D C:\Program Files\CCleaner
2013-08-03 15:34 - 2013-08-03 15:33 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2013-08-03 15:32 - 2013-08-03 15:32 - 00003138 _____ C:\Windows\System32\Tasks\{07B1CCAA-CB3A-4FDB-BE5A-F7491071ABE4}
2013-08-03 15:32 - 2013-08-03 15:32 - 00000000 ___HD C:\Users\Nicole\InstallAnywhere

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-30 12:26

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2013 03
Ran by Nicole at 2013-08-31 15:38:47
Running from C:\Users\Nicole\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
Amazon Kindle (HKCU)
Apple Application Support (x32 Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Beetle Ju 3 Special (x32)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110)
Chronicles of Albian (x32 Version: 2.2.0.110)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)
DEUTSCHLAND SPIELT GAME CENTER (x32)
Die verzauberten Inseln (x32)
eaner (Version: 4.04)
FATE (x32 Version: 2.2.0.97)
FDUx86 (x32 Version: 1.0.0)
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110)
Intel AppUp(SM) center (x32 Version: 03.05.11)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® AT Service signup (x32 Version: 2.0.0.3)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.2.26)
KUx86 (x32 Version: 1.0.0)
Luxor HD (x32 Version: 2.2.0.110)
Mahjongg Artifacts (x32 Version: 2.2.0.110)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Nokia Connectivity Cable Driver (Version: 7.1.32.69)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PhotoScape (x32)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PlayMemories Home (x32 Version: 6.3.02.07270)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)
Restore (x32 Version: 1.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
Update Installer for WildTangent Games App (x32)
VAIO - Xperia Link (x32 Version: 1.0.0.08170)
VAIO Care (Version: 8.0.0.08150)
VAIO Control Center (x32 Version: 6.0.0.08200)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270)
VAIO Easy Connect (x32 Version: 1.2.0.08150)
VAIO Gate Default (x32 Version: 3.0.0.08060)
VAIO Gesture Control (x32 Version: 2.0.0.08240)
VAIO Image Optimizer (x32 Version: 3.0.00.08170)
VAIO Improvement (x32 Version: 2.0.0.08090)
VAIO Media Server Settings (Version: 1.0.0.08240)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)
VAIO Update (x32 Version: 6.0.0.08170)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)
VAIO-Handbuch (x32 Version: 3.0.0.08100)
VAIO-Support für Übertragungen (x32 Version: 1.8.0.08212)
VCCx64 (Version: 1.0.0)
VCCx86 (x32 Version: 1.0.0)
VHD (x32 Version: 1.0.0)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
VIx64 (Version: 1.0.0)
VIx86 (x32 Version: 1.0.0)
VMLx86 (x32 Version: 1.0.0)
VPMx64 (Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (x32 Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VUx64 (Version: 1.0.0)
VUx86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
WildTangent Games App (x32 Version: 4.0.8.7)
WildTangent-Spiele (x32 Version: 1.0.3.0)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XperiaLinkx86 (x32 Version: 1.0.0)

==================== Restore Points =========================

14-08-2013 10:15:43 Windows Update
21-08-2013 17:31:30 Geplanter Prüfpunkt
23-08-2013 11:28:35 Nitro Reader 3 wird installiert
30-08-2013 17:06:55 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0AB31705-E1E8-492D-94C4-14149BF082BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {0E88E2F4-23CD-4DAA-AC5E-AE53CC1B1029} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {171BD54C-B2B9-4886-8CCC-784923AA2928} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1D35697E-D5B3-4ABD-B508-47943FB7BEEC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2D1F2604-F3B7-44FB-83D0-F95BD060ABA0} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2782182452-3932659577-1836125939-1001
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3D600CE4-B267-46C9-9CD2-8ADEA3E1B0FE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {3EFA3633-CDD3-4F7A-91A0-EA12BBFED77C} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {3F628EE4-7769-46C2-98B5-BE65B400DB81} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient No File
Task: {3F939CB1-DBA6-46CE-A4AC-A144DB71898A} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4A8E5CF9-CBC7-4528-AABE-F9D6A61EE4BA} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4E7C09E5-9963-4C07-AD1E-96529CC08B32} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C283192-7AB5-46C7-BB47-76C74DB2AF50} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2012-08-09] (Sony Corporation)
Task: {5C37953D-25BE-4733-96EA-85DA9A346D07} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-08-20] (Sony Corporation)
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {669C4A92-71C5-4753-A1B9-9B657FABCA42} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {68AEB037-94C9-4673-9F2E-CBD990454754} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8E4436CB-45AE-4635-89A8-DDC1C6A62CBD} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {90C05305-642D-4A50-8E5F-86BD4D1C67ED} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {950D8E37-EE55-42D5-9DC2-F0318DA89DAD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B3E546BE-D8AA-41E8-8529-5449C958A97D} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D27132CA-5A54-48A8-81C0-A79460214F71} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {DEE49240-55BA-4864-A4E0-D988FB8925AE} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F6AD6996-52AA-49AA-84ED-08A39C4A7C95} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {FA1B51C6-E113-49BA-A355-2B45C7AA6BDE} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {FF65BB38-B32F-4BB9-84AB-15262F471243} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-07-26 02:01 - 2012-07-26 05:05 - 01743872 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\combase.dll
2013-04-29 20:30 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\SHCORE.dll
2012-07-26 01:55 - 2012-07-26 05:07 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\WINMMBASE.dll
2013-04-29 20:30 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\SHCORE.dll
2013-04-29 20:30 - 2012-10-11 07:46 - 01395712 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2013-04-29 20:21 - 2012-09-20 08:33 - 00699392 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2013-06-15 09:27 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\Bcp47Langs.dll
2013-06-15 09:27 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2012-07-26 01:33 - 2012-07-26 05:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2012-07-26 01:54 - 2012-07-26 05:05 - 00171008 _____ (Microsoft Corporation) C:\Windows\System32\IDStore.dll
2013-05-19 18:16 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2012-07-26 04:06 - 2012-07-26 05:07 - 00119296 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\sppc.dll
2012-07-25 22:22 - 2012-08-17 19:43 - 08518144 _____ (Intel Corporation) C:\Windows\SYSTEM32\igd10umd64.dll
2012-07-26 02:05 - 2012-07-26 05:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\dcomp.dll
2012-07-26 01:31 - 2012-07-26 05:08 - 00343552 _____ (Microsoft Corporation) C:\Windows\System32\wlidprov.dll
2012-07-26 01:24 - 2012-07-26 05:05 - 00186368 _____ (Microsoft Corporation) C:\Windows\System32\InputSwitch.dll
2012-07-26 01:55 - 2012-07-26 05:07 - 01161216 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\UIAutomationCore.dll
2012-07-26 02:04 - 2012-07-26 05:07 - 00046592 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\windows.globalization.fontgroups.dll
2013-04-25 12:03 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2012-07-26 02:05 - 2012-07-26 05:07 - 00029184 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\wcmapi.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00132968 _____ (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll
2012-07-26 01:22 - 2012-07-26 05:06 - 00601600 _____ (Microsoft Corporation) C:\Windows\System32\MrmCoreR.dll
2012-07-26 03:37 - 2012-07-26 05:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\NcaApi.dll
2012-07-26 01:33 - 2012-07-26 05:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2012-07-26 01:54 - 2012-07-26 05:05 - 00101888 _____ (Microsoft Corporation) C:\Windows\System32\BluetoothApis.dll
2012-07-26 04:33 - 2012-07-26 04:33 - 00629760 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\UIRibbonRes.dll
2012-07-26 04:13 - 2012-07-26 05:05 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\drprov.dll
2012-07-26 02:04 - 2012-07-26 05:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\ntlanman.dll
2012-07-26 03:37 - 2012-07-26 05:05 - 00103424 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2012-07-26 02:59 - 2012-07-26 05:05 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\dlnashext.dll
2013-04-25 12:08 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2012-07-26 01:55 - 2012-07-26 05:07 - 00180224 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\WINMMBASE.dll
2012-07-26 02:06 - 2012-07-26 05:05 - 00059904 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\dfscli.dll
2012-07-26 02:05 - 2012-07-26 05:05 - 00057856 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\browcli.dll
2013-08-14 11:04 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\apprepapi.dll
2012-07-26 04:19 - 2012-07-26 05:06 - 00023040 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\pcacli.dll
2012-07-26 04:09 - 2012-07-26 05:07 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\qmgrprxy.dll
2012-07-26 02:12 - 2012-07-26 06:55 - 01326784 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\webservices.dll
2013-04-25 12:08 - 2013-03-02 04:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2013-04-29 20:23 - 2012-09-20 08:33 - 01304064 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2012-07-26 02:06 - 2012-07-26 05:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\VirtDisk.dll
2012-07-26 03:21 - 2012-07-26 05:06 - 02109440 _____ (Microsoft Corporation) C:\Windows\System32\NLSData0007.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00033408 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00035456 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2011-06-11 02:15 - 2011-06-11 02:15 - 00608080 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\MSVCP100.dll
2011-06-11 02:15 - 2011-06-11 02:15 - 00829264 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\MSVCR100.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00098944 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\utils.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00027264 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2012-07-26 03:00 - 2012-07-26 05:05 - 00163328 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\credui.dll
2012-07-26 04:09 - 2012-07-26 05:05 - 00124928 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\CHARTV.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00202368 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2012-07-26 01:45 - 2012-07-26 05:06 - 00300032 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\NInput.dll
2012-07-26 02:49 - 2012-07-26 05:05 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2012-08-20 02:39 - 2012-08-17 20:07 - 00062976 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2012-08-20 02:39 - 2012-08-17 20:03 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-07-26 03:51 - 2012-07-26 05:05 - 00063488 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\elscore.dll
2012-07-26 04:22 - 2012-07-26 05:05 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\ElsLad.dll
2012-07-26 03:50 - 2012-07-26 05:05 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\Dot3MM.dll
2012-07-26 02:03 - 2012-07-26 05:08 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\wlanconn.dll
2012-07-26 01:32 - 2012-07-26 05:05 - 00032256 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\datusage.dll
2012-07-26 02:05 - 2012-07-26 05:07 - 00042496 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\SrumAPI.dll
2012-07-26 03:15 - 2012-07-26 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\SetNetworkLocation.dll
2013-04-29 20:23 - 2012-09-20 08:33 - 00866304 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2012-07-26 02:51 - 2012-07-26 05:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\NetworkItemFactory.dll
2012-07-26 03:46 - 2012-07-26 05:05 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dtsh.dll
2013-04-29 20:29 - 2012-10-11 07:43 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2012-07-26 01:56 - 2012-07-26 05:05 - 00138752 _____ (Microsoft Corporation) C:\Windows\System32\FunDisc.dll
2012-07-26 02:00 - 2012-07-26 05:05 - 00074240 _____ (Microsoft Corporation) C:\Windows\System32\fdproxy.dll
2013-04-29 20:35 - 2012-11-06 06:18 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\fdwcn.dll
2013-04-29 20:35 - 2012-11-06 06:19 - 00126976 _____ (Microsoft Corporation) C:\Windows\System32\wcnapi.dll
2012-07-26 03:18 - 2012-07-26 05:05 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\fdWNet.dll
2013-05-16 19:39 - 2012-06-09 19:20 - 00196096 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00288896 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2013-05-26 21:06 - 2013-06-24 10:26 - 02288184 _____ (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00107648 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 01067136 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2011-06-11 02:15 - 2011-06-11 02:15 - 05601616 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\mfc100u.dll
2011-06-11 02:15 - 2011-06-11 02:15 - 00158536 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\ATL100.DLL
2011-06-11 02:15 - 2011-06-11 02:15 - 00064336 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\MFC100DEU.DLL
2012-08-20 02:39 - 2012-08-17 20:03 - 00390144 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2012-08-20 02:39 - 2012-08-17 19:38 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.DLL
2012-08-20 02:39 - 2012-08-17 20:02 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2012-07-26 02:05 - 2012-07-26 05:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\NETAPI32.dll
2012-07-26 02:08 - 2012-07-26 05:06 - 00205312 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\NTASN1.dll
2013-04-25 12:02 - 2012-11-26 06:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2012-07-26 02:33 - 2012-07-26 05:07 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\systemcpl.dll
2012-07-26 02:03 - 2012-07-26 05:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\WINBRAND.dll
2012-07-26 16:22 - 2012-07-26 16:22 - 05606856 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\mfc110u.dll
2012-08-17 18:25 - 2012-08-17 18:25 - 00828872 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\MSVCR110.dll
2012-08-17 18:25 - 2012-08-17 18:25 - 00661448 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\MSVCP110.dll
2012-11-02 06:08 - 2012-08-09 11:06 - 00157352 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\viaggregator.dll
2013-04-29 20:30 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\SHCORE.DLL
2012-11-02 05:48 - 2012-08-18 01:46 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2012-11-02 05:48 - 2012-08-18 01:46 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-05-19 18:16 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\audioeng.dll
2013-07-10 14:21 - 2013-04-23 00:08 - 09808440 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
2012-07-25 22:13 - 2012-07-12 04:01 - 00856016 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\MSVCR110_CLR0400.dll
2013-07-13 14:33 - 2013-07-13 14:33 - 22589440 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ab0a8fc3d086a3aaf942f366a12a9185\mscorlib.ni.dll
2013-08-15 15:11 - 2013-08-15 15:11 - 13227520 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System\84008211017a9909ffd971633716ffc5\System.ni.dll
2013-08-15 15:11 - 2013-08-15 15:11 - 05458432 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\2c9293b1f1b691c2b1c5ae92d581532d\WindowsBase.ni.dll
2013-08-15 15:11 - 2013-08-15 15:11 - 14784000 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\ccb0cf23d8607c241d292c922aaa9061\PresentationCore.ni.dll
2013-08-15 15:12 - 2013-08-15 15:12 - 24338944 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\5ae84452122e5ba9f9157164ec4e1452\PresentationFramework.ni.dll
2013-08-15 15:14 - 2013-08-15 15:14 - 02561024 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\a26ad1493f4f8621e90811cb38ad22e2\System.Xaml.ni.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00010880 _____ (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\ExtensionToolkit.dll
2013-06-19 00:31 - 2013-04-02 00:06 - 02123320 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
2012-07-25 22:13 - 2012-07-12 04:01 - 01079792 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
2013-06-19 00:31 - 2013-04-02 00:06 - 01237024 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
2013-08-15 15:14 - 2013-08-15 15:14 - 10137088 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\17fa9b078e78b857f6c5f5a8081220ae\System.Xml.ni.dll
2013-08-15 15:12 - 2013-08-15 15:12 - 01259008 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\196905ff422a58f4cb735f4156b1ecaa\System.Configuration.ni.dll
2013-04-25 11:57 - 2012-08-31 02:52 - 00283192 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\PresentationFramework.resources\v4.0_4.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00034944 _____ (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.Infrastructure.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00114304 _____ (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\CommApiInterop.dll
2013-08-15 15:13 - 2013-08-15 15:13 - 01001984 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt73a1fc9d#\77f6ab0fdc009b7ca96cc0c7d228da06\System.Runtime.Remoting.ni.dll
2012-07-26 01:54 - 2012-07-26 05:05 - 00101888 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\BluetoothApis.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-04-25 12:40 - 2013-04-25 12:40 - 05104968 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
2012-07-25 22:11 - 2012-07-06 04:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_08e717a5a83adddf\msvcm90.dll
2013-04-25 12:40 - 2013-04-25 12:40 - 00063312 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90DEU.DLL
2013-08-15 15:12 - 2013-08-15 15:12 - 02268672 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\810a79f22ac4d44804984e417c380706\System.Drawing.ni.dll
2013-08-15 15:14 - 2013-08-15 15:14 - 16835072 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\91baa8291ae5873141b15f66d05888a4\System.Windows.Forms.ni.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00042112 _____ (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.Toolkit.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00070784 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\CombineAgent.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00253056 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvSdkDll.dll
2012-07-25 22:22 - 2012-08-17 20:00 - 08286720 _____ (Intel Corporation) C:\Windows\SYSTEM32\igdumd64.dll
2013-08-15 15:12 - 2013-08-15 15:12 - 00567296 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatioaec034ca#\9fb849115fa37e6b107e1d9799ad83da\PresentationFramework.Aero2.ni.dll
2012-07-26 04:07 - 2012-07-26 05:06 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2013-07-13 14:58 - 2013-07-13 14:58 - 00229888 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\c736af0f38831cb566c1f69d9cb6a43e\UIAutomationTypes.ni.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-07-25 22:13 - 2012-07-12 04:02 - 00132656 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
2013-06-19 00:30 - 2013-02-23 01:09 - 05413952 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00063104 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\ModuleManager.dll
2012-08-13 18:22 - 2012-08-13 18:22 - 00063488 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00194048 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00083072 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2012-08-13 18:22 - 2012-08-13 18:22 - 00091136 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2012-08-13 18:22 - 2012-08-13 18:22 - 00087552 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2012-08-13 18:19 - 2012-08-13 18:19 - 00096768 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\goep\goep.dll
2012-08-13 18:22 - 2012-08-13 18:22 - 00177152 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\BIP\BIP.dll
2012-08-13 18:22 - 2012-08-13 18:22 - 00161792 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\BPP\BPP.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00036352 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\FAX\Fax.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00024576 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2012-08-13 18:22 - 2012-08-13 18:22 - 00087552 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00018432 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\DID\DId.dll
2012-08-13 18:21 - 2012-08-13 18:21 - 00419840 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 01067136 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\OutlookLib.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00142848 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00303616 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\LE\LE.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00124544 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2012-08-13 18:25 - 2012-08-13 18:25 - 00085632 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\GattI.dll
2012-08-13 18:22 - 2012-08-13 18:22 - 00065024 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00097280 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\sap\sap.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00064512 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\Sync\Sync.dll
2012-08-13 18:20 - 2012-08-13 18:20 - 00045056 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\VideoDistribution\VDP.dll
2012-08-13 18:21 - 2012-08-13 18:21 - 00066560 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\pbap\pbap.dll
2012-08-13 18:21 - 2012-08-13 18:21 - 00055296 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\spp\spp.dll
2012-07-26 01:58 - 2012-07-26 05:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\wshBth.dll
2012-08-13 18:19 - 2012-08-13 18:19 - 00098304 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2012-08-13 18:25 - 2012-08-13 18:25 - 00130176 _____ (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll
2011-06-11 02:15 - 2011-06-11 02:15 - 05574984 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\mfc100.dll
2012-08-20 02:39 - 2012-08-17 19:38 - 00110592 _____ (Intel Corporation) C:\Windows\System32\hccutils.DLL
2013-04-29 20:30 - 2012-10-11 07:45 - 00590848 _____ (Microsoft Corporation) C:\Windows\System32\SHCORE.dll
2012-08-20 02:39 - 2012-08-17 20:05 - 09007616 _____ (Intel Corporation) C:\Windows\System32\igfxress.dll
2012-08-20 02:39 - 2012-08-17 19:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-28 19:32 - 2012-08-27 10:53 - 01046328 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2012-08-28 19:32 - 2012-08-27 11:02 - 00228664 _____ (Synaptics Incorporated) C:\Windows\SYSTEM32\SynTPAPI.dll
2012-11-02 06:28 - 2012-07-19 05:52 - 00029856 ____N (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgentPS64.dll
2013-06-15 09:27 -
2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2012-07-26 02:06 - 2012-07-26 05:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\Cabinet.dll 2013-04-25 12:08 - 2013-03-02 04:45 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll 2012-11-02 07:39 - 2012-11-02 07:39 - 00294592 _____ (Sony Corporation) C:\Windows\Microsoft.Net\assembly\GAC_64\VAIOCareToolkit\v4.0_8.0.0.8080__6b746f706d1a5a7d\VAIOCareToolkit.dll 2013-08-15 15:11 - 2013-08-15 15:11 - 10137600 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\a51eab8159bbe5f0cd2713f383468750\System.Core.ni.dll 2013-08-18 01:41 - 2013-08-18 01:41 - 01441280 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Compba577418#\c2723f87e98dfed97b1553785a84e535\System.ComponentModel.Composition.ni.dll 2012-08-15 19:26 - 2012-08-15 19:26 - 00130752 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\de-DE\VCSystemTray.resources.dll 2013-08-15 15:13 - 2013-08-15 15:13 - 26674688 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\95a5ee0a1e8324986bd4ed61dd78b494\System.ServiceModel.ni.dll 2013-04-25 11:57 - 2012-08-31 02:52 - 00994312 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll 2013-06-19 00:30 - 2012-08-31 02:52 - 00043072 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ComponentModel.Composition.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.ComponentModel.Composition.resources.dll 2013-08-18 01:41 - 2013-08-18 01:41 - 00155136 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\54bae9cf68d2f949a1c60152c2970a50\SMDiagnostics.ni.dll 2013-08-15 15:13 - 2013-08-15 15:13 - 03602944 _____ (Microsoft Corporation) 
C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\48b764fe44c1af86ea4052b7d4b08a47\System.Runtime.Serialization.ni.dll 2013-08-18 01:41 - 2013-08-18 01:41 - 01044992 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\5b64cfcf08e1e5fed1a239bacd3373c9\System.ServiceModel.Internals.ni.dll 2012-07-26 04:32 - 2012-07-26 05:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\pcwum.DLL 2012-07-25 22:13 - 2012-07-12 04:02 - 00024584 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_MSIL\PresentationFramework-SystemXml\v4.0_4.0.0.0__b77a5c561934e089\PresentationFramework-SystemXml.dll 2013-08-18 01:41 - 2013-08-18 01:41 - 03880960 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\9ca25e2d4861cc899594aa78052c05f5\System.IdentityModel.ni.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00037056 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\IntelMonitor\IntelMonitorBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00032960 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\CommonPlugin\CommonPluginBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00239808 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\VAIOCare.Utilities.dll 2013-08-15 15:13 - 2013-08-15 15:13 - 00900096 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\9cf122c79464512c4d9e53a147b6d6c0\System.Transactions.ni.dll 2012-07-25 22:12 - 2012-07-12 04:01 - 00288216 _____ (Microsoft Corporation) C:\Windows\Microsoft.Net\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00025280 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\MetricsPhilatelist\MetricsPhilatelistBL.dll 2012-08-08 21:59 - 2012-08-08 21:59 - 00025280 _____ (Sony Corporation) C:\Program Files\Sony\VAIO 
Care\Plugins\Notification\NotificationBL.dll 2012-08-08 21:59 - 2012-08-08 21:59 - 00010944 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Notification\NotificationAPI.dll 2012-08-08 21:59 - 2012-08-08 21:59 - 00431808 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Notification\NotificationPL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00018112 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\LaunchBrowser\LaunchBrowserBL.dll 2012-05-21 17:44 - 2012-05-21 17:44 - 00081920 _____ (Microsoft) C:\Program Files\Sony\VAIO Care\Libraries\Microsoft.WindowsAPICodePack.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00016576 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SystemSupport\SystemSupportBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00098496 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\NetworkDiagnostics\NetworkDiagnosticsBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00019136 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\NetworkDiagnostics\NetworkDiagnosticsAPI.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00169664 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\AboutVAIOHub\AboutVAIOHubPL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00382656 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SoftwareHub\SoftwareHubPL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00029376 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SelfHeal\SelfHealBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00012992 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SelfHeal\SelfHealAPI.dll 2012-08-08 21:59 - 2012-08-08 21:59 - 00036544 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\SelfHeal.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00089792 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\AdvancedTools\AdvancedToolsBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00016576 _____ (Sony Corporation) C:\Program 
Files\Sony\VAIO Care\Plugins\AdvancedTools\AdvancedToolsAPI.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00028352 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\IoloToolOpt.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00033472 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\ContactAndSupport\ContactAndSupportBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00015040 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\ContactAndSupport\ContactAndSupportAPI.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00033984 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\History\HistoryBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00011968 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\History\HistoryAPI.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00023744 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\BatteryCheck\BatteryCheckBL.dll 2012-08-08 21:59 - 2012-08-08 21:59 - 00179392 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\OneClickCare\OneClickCareBL.dll 2012-08-08 21:59 - 2012-08-08 21:59 - 00033472 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\OneClickCare\OneClickCareAPI.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00050880 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Message\MessageBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00026304 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\DownloadManager\DownloadManagerBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00043712 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Solve\SolveBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00017600 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Solve\SolveAPI.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00017600 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\GenericVAIOCareReminders\GenericVAIOCareRemindersBL.dll 2012-08-08 21:48 - 2012-08-08 21:48 - 00014528 _____ (Sony Corporation) 
==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Nicole\Desktop\Thumbs.db:encryptable
AlternateDataStreams: C:\Users\Nicole\Downloads\Thumbs.db:encryptable

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/31/2013 01:45:36 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (08/30/2013 07:22:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1094

Error: (08/30/2013 07:22:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1094

Error: (08/30/2013 07:22:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/30/2013 01:29:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1078

Error: (08/30/2013 01:29:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1078

Error: (08/30/2013 01:29:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/30/2013 00:47:02 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (08/30/2013 07:05:19 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (08/27/2013 00:30:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2906

System errors:
=============
Error: (08/15/2013 06:51:56 PM) (Source: BugCheck) (User: )
Description: 0x000000c2 (0x0000000000000007, 0x00000000000011c1, 0x0000000004070008, 0xfffffa800aaeb9a0)C:\Windows\MEMORY.DMP081513-9281-01

Error: (08/15/2013 06:51:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (08/15/2013 06:51:43 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 15.08.2013 um 18:18:29 unerwartet heruntergefahren.

Error: (08/15/2013 02:20:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (08/14/2013 02:08:37 PM) (Source: DCOM) (User: Padrino)
Description: Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.1

Error: (08/09/2013 05:53:12 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (08/09/2013 05:53:09 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (08/08/2013 05:36:41 PM) (Source: DCOM) (User: Padrino)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (08/08/2013 04:42:12 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.102 registriert werden. Der Computer mit IP-Adresse 192.168.2.103 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (08/05/2013 05:36:53 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Microsoft Office Sessions:
=========================
Error: (08/31/2013 01:45:36 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (08/30/2013 07:22:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1094

Error: (08/30/2013 07:22:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1094

Error: (08/30/2013 07:22:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/30/2013 01:29:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1078

Error: (08/30/2013 01:29:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1078

Error: (08/30/2013 01:29:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/30/2013 00:47:02 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (08/30/2013 07:05:19 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (08/27/2013 00:30:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2906

CodeIntegrity Errors:
===================================
Date: 2013-08-15 18:51:40.537
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\Drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-08-15 14:20:38.694
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\Drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 61%
Total physical RAM: 3975.27 MB
Available physical RAM: 1542.7 MB
Total Pagefile: 8071.27 MB
Available Pagefile: 4332.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:268.6 GB) (Free:179.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 9A62CB23)
Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 11 GB) (Disk ID: FF14CA15)
Partition: GPT Partition Type

==================== End Of Log ============================

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-08-31 16:04:58
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003a Intel___ rev.1.0. 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Nicole\AppData\Local\Temp\pxtoapob.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\Explorer.EXE[2968] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fea8ed1532 4 bytes [ED, A8, FE, 07]
.text C:\Windows\Explorer.EXE[2968] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fea8ed153a 4 bytes [ED, A8, FE, 07]
.text C:\Windows\Explorer.EXE[2968] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fea8ed165a 4 bytes [ED, A8, FE, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3280] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fea8ed1532 4 bytes [ED, A8, FE, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3280] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fea8ed153a 4 bytes [ED, A8, FE, 07]
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3280] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fea8ed165a 4 bytes [ED, A8, FE, 07]
.text C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[6824] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fea8ed1532 4 bytes [ED, A8, FE, 07]
.text C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[6824] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fea8ed153a 4 bytes [ED, A8, FE, 07]
.text C:\Program Files (x86)\Bluetooth Suite\BtTray.exe[6824] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fea8ed165a 4 bytes [ED, A8, FE, 07]
.text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7572] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fea8ed1532 4 bytes [ED, A8, FE, 07]
.text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7572] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fea8ed153a 4 bytes [ED, A8, FE, 07]
.text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7572] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fea8ed165a 4 bytes [ED, A8, FE, 07]
.text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7572] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007fea8bb1b32 4 bytes [BB, A8, FE, 07]
.text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[7572] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007fea8bb1b3a 4 bytes [BB, A8, FE, 07]
.text C:\Windows\System32\igfxpers.exe[4024] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007feb042177a 4 bytes [42, B0, FE, 07]
.text C:\Windows\System32\igfxpers.exe[4024] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007feb0421782 4 bytes [42, B0, FE, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[9992] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007feb042177a 4 bytes [42, B0, FE, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[9992] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007feb0421782 4 bytes [42, B0, FE, 07]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[2740] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007feb042177a 4 bytes [42, B0, FE, 07]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[2740] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007feb0421782 4 bytes [42, B0, FE, 07]
.text C:\Program Files\Sony\VAIO Care\VCAdmin.exe[5864] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fea8ed1532 4 bytes [ED, A8, FE, 07]
.text C:\Program Files\Sony\VAIO Care\VCAdmin.exe[5864] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fea8ed153a 4 bytes [ED, A8, FE, 07]
.text C:\Program Files\Sony\VAIO Care\VCAdmin.exe[5864] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fea8ed165a 4 bytes [ED, A8, FE, 07]

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [5564:9024] fffff960008bc5e8

---- Processes - GMER 2.1 ----

Library C:\Windows\system32\spool\DRIVERS\x64\3\NitroReaderUI3.dll (*** suspicious ***) @ C:\Windows\System32\spoolsv.exe [7692] 000000006d9f0000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Code:
Exportierte Ereignisse:

31.08.2013 15:06 [System-Scanner] Malware gefunden
    Die Datei 'C:\Windows\SysWOW64\SUSB.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Click.Age.245760' [trojan].
    Durchgeführte Aktion(en):
    Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e5c5abd.qua' verschoben!

31.08.2013 15:05 [Echtzeit-Scanner] Malware gefunden
    In der Datei 'C:\Windows\SysWOW64\SUSB.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Click.Age.245760' [trojan] gefunden.
    Ausgeführte Aktion: Übergeben an Scanner

31.08.2013 15:05 [Echtzeit-Scanner] Malware gefunden
    In der Datei 'C:\Windows\SysWOW64\SUSB.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Click.Age.245760' [trojan] gefunden.
    Ausgeführte Aktion: Zugriff verweigern

Code:
29.08.2013,07:03:49 [INFO] Update-Auftrag gestartet!
29.08.2013,07:04:02 [INFO] Aktuelle Engine Version: 8.2.12.112
29.08.2013,07:04:02 [INFO] Aktuelle Version der VDF-Datei: 7.11.98.178
29.08.2013,13:03:54 [INFO] Update-Auftrag gestartet!
29.08.2013,13:04:04 [INFO] Aktuelle Engine Version: 8.2.12.112
29.08.2013,13:04:04 [INFO] Aktuelle Version der VDF-Datei: 7.11.98.212
29.08.2013,23:55:51 [INFO] Update-Auftrag gestartet!
29.08.2013,23:56:00 [INFO] Aktuelle Engine Version: 8.2.12.112
29.08.2013,23:56:00 [INFO] Aktuelle Version der VDF-Datei: 7.11.99.26
30.08.2013,07:06:45 [INFO] Update-Auftrag gestartet!
30.08.2013,07:06:54 [INFO] Aktuelle Engine Version: 8.2.12.112
30.08.2013,07:06:54 [INFO] Aktuelle Version der VDF-Datei: 7.11.99.42
30.08.2013,14:17:17 [INFO] Update-Auftrag gestartet!
30.08.2013,14:17:45 [INFO] Aktuelle Engine Version: 8.2.12.114
30.08.2013,14:17:45 [INFO] Aktuelle Version der VDF-Datei: 7.11.99.48
30.08.2013,21:13:12 [INFO] Update-Auftrag gestartet!
30.08.2013,21:13:22 [INFO] Aktuelle Engine Version: 8.2.12.114
30.08.2013,21:13:22 [INFO] Aktuelle Version der VDF-Datei: 7.11.99.92
31.08.2013,13:02:38 [INFO] Update-Auftrag gestartet!
31.08.2013,13:02:48 [INFO] Aktuelle Engine Version: 8.2.12.114
31.08.2013,13:02:48 [INFO] Aktuelle Version der VDF-Datei: 7.11.99.138
31.08.2013,15:05:27 [FUND] Ist das Trojanische Pferd TR/Click.Age.245760!
    C:\Windows\SysWOW64\SUSB.exe
    [INFO] Benutzer: ***\NICOLE
    [INFO] Der Zugriff auf die Datei wurde verweigert!
31.08.2013,15:05:30 [FUND] Ist das Trojanische Pferd TR/Click.Age.245760!
    C:\Windows\SysWOW64\SUSB.exe
    [INFO] Benutzer: ***\NICOLE
    [INFO] Datei wurde an Scanner übergeben.
31.08.2013,15:47:28 [WARNUNG] Echtzeit-Scanner wurde deaktiviert
31.08.2013,15:53:50 [INFO] Echtzeit-Scanner wurde aktiviert
31.08.2013,15:56:55 [WARNUNG] Echtzeit-Scanner wurde deaktiviert
31.08.2013,16:05:20 [INFO] Echtzeit-Scanner wurde aktiviert |
31.08.2013, 16:32 | #2 |
/// the machine /// TB instructor | Hi, have the file scanned at Virustotal.de. |
31.08.2013, 16:57 | #3 |
| Hello, thanks for the quick reply. However, I deleted the setup file immediately after the warning message appeared. Is it needed? Should I get hold of it again now? |
31.08.2013, 20:41 | #4 |
/// the machine /// TB instructor | I mean the file in the thread title, in the system folder.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
01.09.2013, 10:14 | #5 |
| Oh, of course, sorry. But I have just searched the entire folder and the file can no longer be found there. That is probably because Avira moved it to the quarantine directory? Do I have to restore it now? |
01.09.2013, 12:51 | #6 |
/// the machine /// TB instructor | No, we'll do this differently: ESET Online Scanner |
01.09.2013, 15:46 | #7 |
| Okay, I did everything as described. Here is the log file: Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=481e30b67568b5449aced81a823be942
# engine=14974
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-01 02:40:32
# local_time=2013-09-01 04:40:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 96 20651 8451552 13429 0
# compatibility_mode=5893 16776574 100 94 1478605 37552543 0 0
# scanned=212774
# found=0
# cleaned=0
# scan_time=5052 |
01.09.2013, 17:28 | #8 |
/// the machine /// TB instructor | Done. The order is decisive here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
01.09.2013, 18:26 | #9 |
| Many thanks already, but I still have one question: when I click "Quarantine" under "Administration" in Avira, the files are still shown there and are also still present in Avira's quarantine directory. (I also took screenshots of this and attached them.) What is that about? |
01.09.2013, 19:58 | #10 |
/// the machine /// TB instructor | They are in quarantine, as the name says; that is normal, every AV program does it. You can delete them. |
02.09.2013, 08:40 | #11 |
| Okay, thank you. I had feared that Avira had sent an infected system file to quarantine and that, if I deleted it, I would lose an important system file. But then everything is done, I have no further questions! Many heartfelt thanks for the help and the tips. Kind regards |
02.09.2013, 13:44 | #12 |
/// the machine /// TB instructor | You're welcome |