Log analysis and evaluation: Windows 8.1: Trojan.ADH.2 cannot be removed

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 8.1: Trojan.ADH.2 cannot be removed

Hello,

I ran a full system scan with Norton Internet Security. This scan found "Trojan.ADH.2", which could not be removed, or rather was supposed to be removed manually. So I went to the Norton page for this virus (Trojan.ADH.2 | Symantec), and to remove this pest one was only supposed to download and run the "Norton Power Eraser". I did that, but it found no risks. When I start the system scan, however, the problem is still there.

Here are the requested logs:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:25 on 21/05/2014 (Schach)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Schach (administrator) on SOKRATES on 21-05-2014 22:26:59
Running from C:\Users\rahel_000\Downloads
Platform: Windows 8.1 (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => c:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-25] (Broadcom Corporation.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [HP LaserJet 200 color MFP M276 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2011-10-10] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (CANON INC.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1446757697-2309439942-254719417-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1446757697-2309439942-254719417-1002\...\MountPoints2: {a8772377-8618-11e3-824f-806e6f6e6963} - "D:\SETUP.EXE"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll [490000 2014-05-18] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll [664592 2014-05-18] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.2.0.38
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.2.0.38
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchURL = hxxp://home.microsoft.com/access/autosearch.asp?p=%s
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=146&itype=a&ver=12692&tm=315&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=146&itype=a&ver=12692&tm=315&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {01EEB4B6-0C7E-4EFA-836B-74AC56DE4CFC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=SEJB
SearchScopes: HKCU - {01EEB4B6-0C7E-4EFA-836B-74AC56DE4CFC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=SEJB
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=146&itype=n&ver=12302&tm=315&src=ds&p={searchTerms}
SearchScopes: HKCU - {CECE89A5-3192-4691-BDE0-BBAD40157163} URL = hxxp://rover.ebay.com/rover/1/5222-42442-16445-29/4?mpre=hxxp://shop.ebay.ch/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files (x86)\Linkey\IEExtension\iedll64.dll (Aztec Media Inc)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\Program Files (x86)\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\rahel_000\AppData\Roaming\Mozilla\Firefox\Profiles\u0ghnwd0.default
FF SearchEngineOrder.1: default-search.net
FF Homepage: hxxp://www.default-search.net?sid=476&aid=146&itype=n&ver=12302&tm=315&src=hmp
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=146&itype=n&ver=12302&tm=315&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\rahel_000\AppData\Roaming\Mozilla\Firefox\Profiles\u0ghnwd0.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Linkey for Firefox - C:\Users\rahel_000\AppData\Roaming\Mozilla\Firefox\Profiles\u0ghnwd0.default\Extensions\extension@linkeyproject.com [2014-04-12]
FF Extension: Popular Website Buddy - C:\Users\rahel_000\AppData\Roaming\Mozilla\Firefox\Profiles\u0ghnwd0.default\Extensions\jid1-l6V8exwLVv1lBw@jetpack [2014-03-30]
FF Extension: Settings Manager - C:\Users\rahel_000\AppData\Roaming\Mozilla\Firefox\Profiles\u0ghnwd0.default\Extensions\{FE30DFF5-F0E6-FC86-2C45-F540EB604757} [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\IPSFF [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn\ []

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-10-28] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-05-16] (WildTangent)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376 2014-03-12] (Symantec Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 SystemkService; C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe [3543056 2014-05-18] (Aztec Media Inc)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1369136 2013-09-25] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2014-01-26] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-29] (Symantec Corporation)
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [36240 2014-05-18] (Aztec Media Inc)
R4 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [36240 2014-05-18] (Aztec Media Inc)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\IPSDefs\20140520.001\IDSvia64.sys [525016 2014-03-28] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140521.001\ENG64.SYS [126040 2014-03-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20140521.001\EX64.SYS [2099288 2014-03-29] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-10-09] (Realsil Semiconductor Corporation)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-04-28] ()
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-28] (Synaptics Incorporated)
R0 SMR410; C:\Windows\System32\drivers\SMR410.SYS [96856 2014-05-21] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1502000.026\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1502000.026\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 xusb22; C:\Windows\system32\DRIVERS\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
U3 ugdyypob; \??\C:\Users\RAHEL_~1\AppData\Local\Temp\ugdyypob.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-21 22:26 - 2014-05-21 22:26 - 00027907 _____ () C:\Users\rahel_000\Downloads\FRST.txt
2014-05-21 22:25 - 2014-05-21 22:25 - 02067456 _____ (Farbar) C:\Users\rahel_000\Downloads\FRST64.exe
2014-05-21 22:25 - 2014-05-21 22:25 - 00380416 _____ () C:\Users\rahel_000\Downloads\Gmer-19357.exe
2014-05-21 22:25 - 2014-05-21 22:25 - 00050477 _____ () C:\Users\rahel_000\Downloads\Defogger.exe
2014-05-21 22:25 - 2014-05-21 22:25 - 00000474 _____ () C:\Users\rahel_000\Downloads\defogger_disable.log
2014-05-21 22:14 - 2014-05-21 22:14 - 00009214 _____ () C:\Users\rahel_000\Desktop\gmer.txt
2014-05-21 22:06 - 2014-05-21 22:06 - 00380416 _____ () C:\Users\Fuchs\Downloads\Gmer-19357.exe
2014-05-21 22:04 - 2014-05-21 22:04 - 00048595 _____ () C:\Users\Fuchs\Desktop\FRST.txt
2014-05-21 22:04 - 2014-05-21 22:04 - 00031958 _____ () C:\Users\Fuchs\Desktop\Addition.txt
2014-05-21 22:03 - 2014-05-21 22:26 - 00000000 ____D () C:\FRST
2014-05-21 22:02 - 2014-05-21 22:02 - 02067456 _____ (Farbar) C:\Users\Fuchs\Downloads\FRST64(1).exe
2014-05-21 22:00 - 2014-05-21 22:00 - 00576495 _____ () C:\Users\Fuchs\Downloads\FRST64.exe
2014-05-21 22:00 - 2014-05-21 22:00 - 00000474 _____ () C:\Users\Fuchs\Desktop\defogger_disable.log
2014-05-21 22:00 - 2014-05-21 22:00 - 00000000 _____ () C:\Users\rahel_000\defogger_reenable
2014-05-21 21:59 - 2014-05-21 21:59 - 00050477 _____ () C:\Users\Fuchs\Downloads\Defogger.exe
2014-05-21 21:18 - 2014-05-21 21:18 - 00096856 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SMR410.SYS
2014-05-21 21:18 - 2014-05-21 21:18 - 00000020 _____ () C:\Windows\system32\Drivers\SMR410.dat
2014-05-21 21:17 - 2014-05-21 22:15 - 00000000 ____D () C:\Users\rahel_000\AppData\Local\NPE
2014-05-21 21:17 - 2014-05-21 21:17 - 03077584 ____N (Symantec Corporation) C:\Users\Fuchs\Downloads\NPE.exe
2014-05-21 19:04 - 2014-05-21 22:22 - 00000000 ____D () C:\ProgramData\systemk
2014-05-16 21:19 - 2014-05-16 21:19 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-16 21:18 - 2014-05-16 21:18 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\WildTangent
2014-05-16 01:01 - 2014-05-16 01:01 - 00000000 ____D () C:\5a79d5eb9d2d0944646633
2014-05-15 19:43 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-05-15 19:43 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-05-15 19:43 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-05-15 19:43 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-05-15 19:43 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-15 19:43 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-05-15 19:43 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-15 19:43 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-15 19:43 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-15 18:38 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-05-15 18:38 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-15 18:38 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-05-15 18:38 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-15 18:38 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-05-15 18:38 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-05-15 18:38 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-15 18:38 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-05-15 18:38 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-05-15 18:38 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-05-15 18:38 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-15 18:38 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-05-15 18:38 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-15 18:38 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-15 18:38 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-15 18:38 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-05-15 18:38 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-05-15 18:38 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-05-15 18:38 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-15 18:38 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-15 18:38 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-15 18:38 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-15 18:38 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-15 18:38 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-05-15 18:38 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-15 18:38 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-05-15 18:38 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-15 18:37 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 18:37 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 18:37 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 18:37 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 18:37 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 18:37 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-10 18:43 - 2014-05-11 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 16:24 - 2014-05-10 18:48 - 00001310 _____ () C:\Users\Public\Desktop\WildStar.lnk
2014-05-10 16:24 - 2014-05-10 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2014-05-10 16:24 - 2014-05-10 16:24 - 00000000 ____D () C:\Program Files (x86)\NCSOFT
2014-05-10 16:22 - 2014-05-10 16:22 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\NCSOFT
2014-05-10 16:22 - 2014-05-10 16:22 - 00000000
____D () C:\Users\Fuchs\AppData\Local\NCSOFT 2014-05-10 16:11 - 2014-05-10 16:11 - 10527224 _____ (NCSOFT) C:\Users\Fuchs\Downloads\Wildstar(2).exe 2014-05-10 16:07 - 2014-05-10 16:07 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-05-04 00:23 - 2014-05-04 00:23 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-05-02 15:10 - 2014-05-02 15:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-02 15:10 - 2014-05-02 15:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-01 13:53 - 2014-05-01 13:53 - 00000000 ____D () C:\Users\Fuchs\AppData\Local\Introversion 2014-04-28 18:58 - 2014-05-14 20:15 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-04-28 03:08 - 2014-04-28 03:08 - 00000000 ____D () C:\Users\rahel_000\AppData\Local\CrashDumps 2014-04-28 01:08 - 2014-04-28 01:08 - 00262192 _____ () C:\Windows\Minidump\042814-46328-01.dmp 2014-04-28 01:06 - 2013-12-17 09:36 - 29339936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 22104352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 15930288 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 15699056 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 13656024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 12947384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 11311392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-04-28 01:06 - 2013-12-17 09:36 - 09281544 _____ 
(NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 07721112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 07598080 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 06330064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 02971424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 02789664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 02367776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 02007840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432762.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432762.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-04-28 01:06 - 2013-12-17 09:36 - 00032544 _____ (NVIDIA Corporation) 
C:\Windows\system32\Drivers\nvpciflt.sys 2014-04-28 01:03 - 2014-04-28 01:03 - 00003132 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC 2014-04-28 01:03 - 2014-04-28 01:03 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk 2014-04-28 01:03 - 2014-04-28 01:03 - 00001992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Schach\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Schach 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\rahel_000\AppData\Roaming\iolo 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Gast 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Administrator 2014-04-25 17:46 - 2014-04-25 17:46 - 00295656 _____ () C:\Windows\Minidump\042514-35578-01.dmp 2014-04-25 17:43 - 2014-04-25 17:43 - 02143832 _____ () C:\Users\rahel_000\Downloads\instsf449.exe 2014-04-25 17:36 - 2014-04-25 17:37 - 00292104 _____ () C:\Windows\Minidump\042514-36828-01.dmp 2014-04-25 17:35 - 2014-04-25 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-04-25 17:35 - 2014-04-25 17:44 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-04-24 13:04 - 2014-04-24 13:51 - 00000000 ____D () C:\Users\Fuchs\Documents\Matur 
2014-04-23 17:48 - 2014-04-23 17:48 - 00000000 ____D () C:\Users\rahel_000\Documents\Games for Windows - LIVE Demos 2014-04-23 17:47 - 2014-04-23 17:47 - 00000000 ____D () C:\Windows\SysWOW64\xlive 2014-04-23 17:47 - 2014-04-23 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2014-04-23 17:47 - 2014-04-23 17:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2014-04-23 17:44 - 2014-04-23 17:44 - 00642712 _____ (Microsoft Corporation) C:\Users\rahel_000\Downloads\gfwlivesetup.exe 2014-04-23 17:43 - 2014-04-23 17:43 - 00000000 ____D () C:\Users\rahel_000\AppData\Local\Macromedia 2014-04-23 17:41 - 2014-04-28 01:37 - 00000000 ____D () C:\Update 2014-04-23 17:38 - 2014-04-23 17:38 - 00000000 __SHD () C:\Users\rahel_000\AppData\Local\EmieUserList 2014-04-23 17:38 - 2014-04-23 17:38 - 00000000 __SHD () C:\Users\rahel_000\AppData\Local\EmieSiteList 2014-04-22 22:45 - 2014-04-22 22:45 - 00000000 ____D () C:\Users\dub_cm_auto 2014-04-22 11:51 - 2014-04-22 12:21 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\.minecraft ==================== One Month Modified Files and Folders ======= 2014-05-21 22:27 - 2014-05-21 22:26 - 00027907 _____ () C:\Users\rahel_000\Downloads\FRST.txt 2014-05-21 22:26 - 2014-05-21 22:03 - 00000000 ____D () C:\FRST 2014-05-21 22:25 - 2014-05-21 22:25 - 02067456 _____ (Farbar) C:\Users\rahel_000\Downloads\FRST64.exe 2014-05-21 22:25 - 2014-05-21 22:25 - 00380416 _____ () C:\Users\rahel_000\Downloads\Gmer-19357.exe 2014-05-21 22:25 - 2014-05-21 22:25 - 00050477 _____ () C:\Users\rahel_000\Downloads\Defogger.exe 2014-05-21 22:25 - 2014-05-21 22:25 - 00000474 _____ () C:\Users\rahel_000\Downloads\defogger_disable.log 2014-05-21 22:22 - 2014-05-21 19:04 - 00000000 ____D () C:\ProgramData\systemk 2014-05-21 22:22 - 2014-03-31 22:19 - 00000000 ____D () C:\Users\rahel_000\AppData\Roaming\ClassicShell 2014-05-21 22:22 - 2014-03-30 01:44 - 00000000 ____D () 
C:\Users\Fuchs\AppData\Roaming\ClassicShell 2014-05-21 22:22 - 2014-03-29 22:01 - 00000000 ___RD () C:\Users\rahel_000\SkyDrive 2014-05-21 22:22 - 2014-03-29 21:57 - 00000000 ___RD () C:\Users\rahel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-21 22:22 - 2014-03-29 21:57 - 00000000 ___RD () C:\Users\rahel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-21 22:15 - 2014-05-21 21:17 - 00000000 ____D () C:\Users\rahel_000\AppData\Local\NPE 2014-05-21 22:15 - 2014-03-30 01:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-21 22:14 - 2014-05-21 22:14 - 00009214 _____ () C:\Users\rahel_000\Desktop\gmer.txt 2014-05-21 22:13 - 2014-03-30 00:58 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6EB015A1-94C7-4988-A780-46552CF01F96} 2014-05-21 22:10 - 2014-03-30 01:50 - 00154112 ___SH () C:\Users\Fuchs\Downloads\Thumbs.db 2014-05-21 22:06 - 2014-05-21 22:06 - 00380416 _____ () C:\Users\Fuchs\Downloads\Gmer-19357.exe 2014-05-21 22:04 - 2014-05-21 22:04 - 00048595 _____ () C:\Users\Fuchs\Desktop\FRST.txt 2014-05-21 22:04 - 2014-05-21 22:04 - 00031958 _____ () C:\Users\Fuchs\Desktop\Addition.txt 2014-05-21 22:02 - 2014-05-21 22:02 - 02067456 _____ (Farbar) C:\Users\Fuchs\Downloads\FRST64(1).exe 2014-05-21 22:00 - 2014-05-21 22:00 - 00576495 _____ () C:\Users\Fuchs\Downloads\FRST64.exe 2014-05-21 22:00 - 2014-05-21 22:00 - 00000474 _____ () C:\Users\Fuchs\Desktop\defogger_disable.log 2014-05-21 22:00 - 2014-05-21 22:00 - 00000000 _____ () C:\Users\rahel_000\defogger_reenable 2014-05-21 22:00 - 2014-03-29 21:55 - 00000000 ____D () C:\Users\rahel_000 2014-05-21 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2014-05-21 21:59 - 2014-05-21 21:59 - 00050477 _____ () C:\Users\Fuchs\Downloads\Defogger.exe 2014-05-21 21:46 - 2014-01-26 01:52 - 01774435 _____ () C:\Windows\WindowsUpdate.log 2014-05-21 21:18 - 2014-05-21 21:18 - 00096856 _____ 
(Symantec Corporation) C:\Windows\system32\Drivers\SMR410.SYS 2014-05-21 21:18 - 2014-05-21 21:18 - 00000020 _____ () C:\Windows\system32\Drivers\SMR410.dat 2014-05-21 21:18 - 2014-03-29 23:16 - 00000000 ____D () C:\ProgramData\Norton 2014-05-21 21:17 - 2014-05-21 21:17 - 03077584 ____N (Symantec Corporation) C:\Users\Fuchs\Downloads\NPE.exe 2014-05-21 19:07 - 2014-03-30 00:56 - 00000000 ____D () C:\Users\Fuchs\AppData\Local\Adobe 2014-05-21 19:07 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-05-21 19:04 - 2014-03-30 00:56 - 00000000 ____D () C:\Users\Fuchs 2014-05-21 19:04 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-18 21:12 - 2014-03-29 23:18 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64 2014-05-18 02:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2014-05-18 02:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-05-18 02:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-05-18 02:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2014-05-18 02:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-05-18 02:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-05-17 00:55 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-05-16 23:32 - 2013-08-22 16:46 - 00019789 _____ () C:\Windows\setupact.log 2014-05-16 23:12 - 2014-03-30 10:31 - 00000000 ____D () C:\ProgramData\Origin 2014-05-16 23:12 - 2014-03-30 10:31 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-05-16 21:19 - 2014-05-16 21:19 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-05-16 21:19 - 2014-01-26 02:25 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games 2014-05-16 21:18 - 2014-05-16 21:18 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\WildTangent 
2014-05-16 21:18 - 2014-01-26 02:25 - 00000000 ____D () C:\ProgramData\WildTangent 2014-05-16 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates 2014-05-16 16:49 - 2014-03-30 00:56 - 00000000 ___RD () C:\Users\Fuchs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-16 16:49 - 2014-03-30 00:56 - 00000000 ___RD () C:\Users\Fuchs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 01:01 - 2014-05-16 01:01 - 00000000 ____D () C:\5a79d5eb9d2d0944646633 2014-05-16 01:01 - 2014-03-30 00:06 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-15 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-05-14 23:15 - 2014-03-30 01:01 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1446757697-2309439942-254719417-1005 2014-05-14 22:24 - 2014-03-30 03:04 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\Apple Computer 2014-05-14 20:15 - 2014-04-28 18:58 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-05-14 20:15 - 2014-03-30 01:25 - 00003766 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-14 20:03 - 2014-03-30 00:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-12 00:57 - 2014-03-30 10:28 - 00000000 ____D () C:\Users\Fuchs\Documents\Französisch 2014-05-11 19:54 - 2014-05-10 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-11 14:39 - 2014-03-30 00:56 - 00000000 ____D () C:\Users\Fuchs\AppData\Local\Packages 2014-05-10 18:48 - 2014-05-10 16:24 - 00001310 _____ () C:\Users\Public\Desktop\WildStar.lnk 2014-05-10 16:24 - 2014-05-10 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2014-05-10 16:24 - 2014-05-10 16:24 - 00000000 ____D () C:\Program Files (x86)\NCSOFT 2014-05-10 16:22 - 2014-05-10 16:22 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\NCSOFT 
2014-05-10 16:22 - 2014-05-10 16:22 - 00000000 ____D () C:\Users\Fuchs\AppData\Local\NCSOFT 2014-05-10 16:11 - 2014-05-10 16:11 - 10527224 _____ (NCSOFT) C:\Users\Fuchs\Downloads\Wildstar(2).exe 2014-05-10 16:07 - 2014-05-10 16:07 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-05-10 16:07 - 2014-03-30 10:38 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\Origin 2014-05-10 16:07 - 2014-03-30 10:37 - 00000000 ____D () C:\Users\Fuchs\AppData\Local\Origin 2014-05-07 21:41 - 2014-03-30 01:55 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-07 00:12 - 2014-04-10 21:11 - 00000000 ____D () C:\ProgramData\CyberLink 2014-05-06 18:22 - 2014-03-30 13:46 - 00080997 _____ () C:\Windows\DirectX.log 2014-05-06 18:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-06 06:40 - 2014-05-15 18:37 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 05:25 - 2014-05-15 18:37 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:00 - 2014-05-15 18:37 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-15 18:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-04 00:49 - 2013-09-13 23:00 - 00005070 _____ () C:\Windows\PFRO.log 2014-05-04 00:23 - 2014-05-04 00:23 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-05-02 15:10 - 2014-05-02 15:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-02 15:10 - 2014-05-02 15:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-01 22:30 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-01 22:30 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-01 13:53 - 2014-05-01 13:53 - 00000000 ____D () C:\Users\Fuchs\AppData\Local\Introversion 2014-04-28 16:18 - 2013-08-22 17:36 - 
00000000 ____D () C:\Windows\LiveKernelReports 2014-04-28 03:08 - 2014-04-28 03:08 - 00000000 ____D () C:\Users\rahel_000\AppData\Local\CrashDumps 2014-04-28 01:37 - 2014-04-23 17:41 - 00000000 ____D () C:\Update 2014-04-28 01:37 - 2014-01-26 02:01 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-04-28 01:34 - 2014-03-29 22:04 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1446757697-2309439942-254719417-1002 2014-04-28 01:28 - 2014-01-26 02:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home 2014-04-28 01:18 - 2014-01-26 01:58 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-04-28 01:08 - 2014-04-28 01:08 - 00262192 _____ () C:\Windows\Minidump\042814-46328-01.dmp 2014-04-28 01:08 - 2014-04-02 17:52 - 774908773 _____ () C:\Windows\MEMORY.DMP 2014-04-28 01:08 - 2014-04-02 17:52 - 00000000 ____D () C:\Windows\Minidump 2014-04-28 01:08 - 2014-01-26 01:52 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-04-28 01:08 - 2014-01-26 01:52 - 00000000 ____D () C:\Windows\system32\NV 2014-04-28 01:08 - 2014-01-26 01:52 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-28 01:03 - 2014-04-28 01:03 - 00003132 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC 2014-04-28 01:03 - 2014-04-28 01:03 - 00002060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk 2014-04-28 01:03 - 2014-04-28 01:03 - 00001992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Schach\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Schach 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () 
C:\Users\rahel_000\AppData\Roaming\iolo 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\HomeGroupUser$ 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Gast 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages 2014-04-28 01:03 - 2014-04-28 01:03 - 00000000 ____D () C:\Users\Administrator 2014-04-28 01:03 - 2014-01-26 01:58 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-04-28 01:03 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp 2014-04-28 01:02 - 2014-01-26 09:30 - 00000000 ____D () C:\Program Files\Sony 2014-04-28 01:01 - 2014-01-26 02:35 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys 2014-04-27 00:47 - 2014-03-30 01:52 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\Skype 2014-04-25 17:52 - 2014-04-25 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-04-25 17:46 - 2014-04-25 17:46 - 00295656 _____ () C:\Windows\Minidump\042514-35578-01.dmp 2014-04-25 17:44 - 2014-04-25 17:35 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-04-25 17:43 - 2014-04-25 17:43 - 02143832 _____ () C:\Users\rahel_000\Downloads\instsf449.exe 2014-04-25 17:37 - 2014-04-25 17:36 - 00292104 _____ () C:\Windows\Minidump\042514-36828-01.dmp 2014-04-24 13:51 - 2014-04-24 13:04 - 00000000 ____D () C:\Users\Fuchs\Documents\Matur 2014-04-23 17:48 - 2014-04-23 17:48 - 00000000 ____D () C:\Users\rahel_000\Documents\Games for Windows - LIVE Demos 2014-04-23 17:47 - 2014-04-23 17:47 - 00000000 ____D () C:\Windows\SysWOW64\xlive 2014-04-23 17:47 - 2014-04-23 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2014-04-23 17:47 - 
2014-04-23 17:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2014-04-23 17:44 - 2014-04-23 17:44 - 00642712 _____ (Microsoft Corporation) C:\Users\rahel_000\Downloads\gfwlivesetup.exe 2014-04-23 17:43 - 2014-04-23 17:43 - 00000000 ____D () C:\Users\rahel_000\AppData\Local\Macromedia 2014-04-23 17:38 - 2014-04-23 17:38 - 00000000 __SHD () C:\Users\rahel_000\AppData\Local\EmieUserList 2014-04-23 17:38 - 2014-04-23 17:38 - 00000000 __SHD () C:\Users\rahel_000\AppData\Local\EmieSiteList 2014-04-22 22:45 - 2014-04-22 22:45 - 00000000 ____D () C:\Users\dub_cm_auto 2014-04-22 13:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2014-04-22 12:21 - 2014-04-22 11:51 - 00000000 ____D () C:\Users\Fuchs\AppData\Roaming\.minecraft 2014-04-21 16:08 - 2014-01-26 09:20 - 00801394 _____ () C:\Windows\system32\perfh00C.dat 2014-04-21 16:08 - 2014-01-26 09:20 - 00158846 _____ () C:\Windows\system32\perfc00C.dat 2014-04-21 16:08 - 2014-01-26 09:10 - 00765582 _____ () C:\Windows\system32\perfh007.dat 2014-04-21 16:08 - 2014-01-26 09:10 - 00159366 _____ () C:\Windows\system32\perfc007.dat 2014-04-21 16:08 - 2013-09-13 23:06 - 02737336 _____ () C:\Windows\system32\PerfStringBackup.INI Some content of TEMP: ==================== C:\Users\Fuchs\AppData\Local\Temp\COMAP.EXE C:\Users\Fuchs\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\rahel_000\AppData\Local\Temp\ClassicShellSetup_4_0_4.exe C:\Users\rahel_000\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\rahel_000\AppData\Local\Temp\readSTILog.dll C:\Users\rahel_000\AppData\Local\Temp\sdanircmdc.exe C:\Users\rahel_000\AppData\Local\Temp\sdapskill.exe C:\Users\rahel_000\AppData\Local\Temp\sdaspwn.exe C:\Users\rahel_000\AppData\Local\Temp\sfamcc00001.dll C:\Users\rahel_000\AppData\Local\Temp\sfareca00001.dll C:\Users\rahel_000\AppData\Local\Temp\sfextra.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-21 19:34
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Schach at 2014-05-21 22:35:30
Running from C:\Users\rahel_000\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.)
Hidden Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated) Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content (HKLM-x32\...\Adobe Premiere Elements 10 Content) (Version: 10.0 - Adobe Systems Incorporated) Adobe Premiere Elements 10 Content (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.06) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation) Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - ) Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version: - Canon Inc.) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3202 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.3202 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5804.52 - CyberLink Corp.) CyberLink PowerDVD 10 (x32 Version: 10.0.5804.52 - CyberLink Corp.) 
Hidden Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North) HP LaserJet 200 color MFP M276 (HKLM-x32\...\{CC38C23C-7824-4DBB-AC73-997CD0BBFEC7}) (Version: 5.0.12201.1116 - Hewlett-Packard) HP LaserJet 200 color MFP M276 Fax (x32 Version: 29.0.84.0 - Hewlett-Packard Co.) Hidden HP LaserJet 200 color MFP M276 HP Device Toolbox (x32 Version: 29.0.84.0 - Hewlett-Packard Co.) Hidden HP LJ200 M276 HP Scan (x32 Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden HP Product FWUpdater (x32 Version: 4.0.0.7242 - Hewlett-Packard Company) Hidden HP Unified IO (Version: 2.0.0.404 - HP) Hidden HP Unified IO (x32 Version: 2.0.0.404 - HP) Hidden HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden hpbM276DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden HPDXP (x32 Version: 3.0.26.8 - HP) Hidden HPLaserJet200color-MFPM276_HelpLearnCenter_SI (HKLM-x32\...\{0F044C7A-6EE1-4F03-90AC-329AAF2FCF12}) (Version: 1.01.0000 - Hewlett-Packard) HPLJDXPHelper (x32 Version: 020.021.004 - HP) Hidden HPLJUTCore (x32 Version: 004.005.0001 - HP) Hidden HPLJUTM276 (x32 Version: 3.00.0003 - HP) Hidden hppFaxDrvM276 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden hppM276LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden hppSendFaxM276 (x32 Version: 003.000.00002 - Hewlett-Packard) 
Hidden hpStatusAlerts (x32 Version: 050.037.00142 - Hewlett Packard) Hidden hpStatusAlertsM276 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.2.1000 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Linkey (HKCU\...\Linkey) (Version: 0.0.0.431 - Aztec Media Inc) <==== ATTENTION LJDXPHelperUI (x32 Version: 020.021.004 - HP) Hidden Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden Media Go (HKLM-x32\...\{B55B7EAE-C58C-496E-A383-3A6ABDD83A62}) (Version: 2.5.290 - Sony) MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation) Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) My Game Long Name (HKLM\...\UDK-2e58f89b-4447-4111-94b2-a2343153024d) (Version: - Epic Games, Inc.) My Game Long Name (HKLM\...\UDK-3a56167a-3ca4-4f13-bae3-02685a1f8720) (Version: - Epic Games, Inc.) 
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.2.0.38 - Symantec Corporation) NVIDIA Control Panel 327.39 (Version: 327.39 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 327.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.39 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.9.0 - NXP Semiconductors) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation) PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) 
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7054 - Realtek Semiconductor Corp.) Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden RonyaSoft CD DVD Label Maker 1.03 (HKLM-x32\...\RonyaSoft CD DVD Label Maker) (Version: 1.03 - RonyaSoft) Settings Manager (HKLM-x32\...\Settings Manager) (Version: 5.0.0.12302 - Aztec Media Inc) <==== ATTENTION Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.) SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.) SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) 
Hidden SOHLib for PlayMemories Home (Version: 1.0.1.11110 - Sony Corporation) Hidden Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.10 - Synaptics Incorporated) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano) Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version: - Stridemann) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.0.05310 - Sony Corporation) VAIO BIOS Data Transfer Utility (x32 Version: 1.1.0.09260 - Sony Corporation) Hidden VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation) VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.0.09260 - Sony Corporation) VAIO Care Recovery (HKLM\...\{31A52292-831E-45E0-8333-7D35BCD130B8}) (Version: 1.0.3.09050 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.4.1.13060 - Sony Corporation) VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation) VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.5.0.09250 - Sony Corporation) VAIO Gesture Control (x32 Version: 2.5.0.09250 - Sony Corporation) Hidden VAIO Image 
Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation) VAIO Image Optimizer (x32 Version: 3.3.00.10220 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 3.0.0.08080 - Sony Corporation) VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.2.0.10110 - Sony Corporation) VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation) VAIO Movie Creator (x32 Version: 4.3.00.10240 - Sony Corporation) Hidden VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: 1.0.1.10240 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.1.10120 - Sony Corporation) VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden VI3.0x64 (Version: 1.0.0 - Sony Corporation) Hidden VI3.0x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation) WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.25 - 
WildTangent) Hidden XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden ==================== Restore Points ========================= 06-05-2014 16:10:56 Windows Update 15-05-2014 17:47:27 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {06908362-4A01-4958-8851-56051A9C2B59} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-07-05] (Sony Corporation) Task: {0901A7F4-2A16-440F-8478-3218F2084F23} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0FDDA7B6-6900-46B3-AB9C-A8F0F888E3F3} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {12DD77AE-FC3A-43BD-8DA8-673CAC56A9A1} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {13000560-C7AA-4B47-BCEA-153837CC0F55} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation) Task: {1A603CD3-6EFA-44EF-A69F-A1CB6D7E14BF} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {1AD691B7-46F8-4EAD-B58E-C0F307BDAB6A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe 
Systems Incorporated) Task: {1EF351E3-2B87-4613-8B5C-BC4316B41633} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {25310D83-8472-41A1-AE47-D83A8A882EB0} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation) Task: {288D6658-EB27-4929-8190-9E9CEA7E2C4A} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserDisconected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {31DD3361-4A8D-4B9A-BDC3-6C0357E464F0} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {388C3D2E-EF07-4336-9E80-8653BC3D41FA} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3C0FF926-EEA0-43CC-BEE8-048804B0FD54} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => %ProgramData%\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe Task: {40E7E6CE-91EE-4CF9-B5DF-9258380B3733} - System32\Tasks\Sony 
Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {49B12BFC-6BDA-420A-B251-833E5BEBF9D7} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation) Task: {4BE49BA9-F7A7-45B6-901F-B54E158ECCEF} - System32\Tasks\AdobeAAMUpdater-1.0-Sokrates-Fuchs => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {4C9F7F2A-9C43-4670-80A0-492DA202C881} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-05-16] (Microsoft Corporation) Task: {5A2869E0-ABA5-466E-899B-A960F1F29EFB} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2012-06-15] (Hewlett Packard) Task: {5D6FD31A-80B1-48CE-846C-82A9C30B5FD1} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation) Task: {603F2271-9EF0-4668-9D6F-3F2F1BA797C2} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-09-24] (Sony Corporation) Task: {60F3F8B2-35D9-4D44-818C-6CDEB05F9F72} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-08-14] (Sony Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {6EFAD63B-E31B-44E7-9498-A61F8D9003B6} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-04-25] (CyberLink 
Corp.) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {777AC6D0-6983-48CE-BB67-94BFA0C2CFE6} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-08-14] (Sony Corporation) Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {81B83905-DC1C-45D1-885B-A078F333F6AE} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {880E78D2-8886-4DAE-99CF-2C982883F67C} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {899368AE-1C11-4643-A078-A08D9A9DDD06} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {8A973F96-158B-4869-AB57-0E0C08FC992C} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {8B4164FA-C9FD-44F1-8288-B741BC6AA5F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {99C6BDFE-FDE7-4823-B5AD-9E690FA57473} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation) Task: {9FE0334F-FBEB-4E1D-AB11-1566ABE560B4} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2014-03-01] (Microsoft Corporation) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A5713AAF-6C8A-4857-A994-C5730BA20BF2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-09-27] (Sony Corporation) Task: {A962FC3B-89BE-4948-A585-F117400D31E9} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-06-01] (Sony Corporation) Task: {B249FBFC-4FE4-4B46-A2EF-EADA65351BED} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-28] (Synaptics Incorporated) Task: {BC70C071-B74F-44A6-9D4B-8FE6AB2AF252} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {BE0026D1-5328-4F7A-BAB9-F22BF2924CBD} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1446757697-2309439942-254719417-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe Task: {BF1075D7-0809-431D-B11C-1D3FE220C521} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {C0870AB0-5712-466D-B986-EAE1AC75F00D} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet 
Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {C3A70705-8E32-42DB-9D2C-34028A9647C1} - System32\Tasks\PDVDServ Task => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE [2013-03-19] (CyberLink Corp.) Task: {C6080CE6-568C-4120-8330-F56CE77489D5} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {CF1ACA55-470E-4207-825E-EC8A641D1D00} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DD751CA9-C14A-43A7-88CF-ADC0B9DD78CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation) Task: {E040298F-5BBB-4147-B393-95C08C199D46} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {E07CF3FF-E164-44BD-9FC9-562AC23D3D0E} - System32\Tasks\Sony Corporation\VAIO Improvement\v3\VAIOImprovementUploaderUserConected => C:\Program Files\Sony\VAIO Improvement\v3\Sony.VAIO.VAIOImprovement.Uploader.exe [2013-08-09] (Sony Corporation) Task: {E0EC6C88-7C01-4807-8ADA-B24833BC52A5} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E8237AFB-EB50-4833-BB26-55E9474E212C} - 
System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {E8757698-C215-4C22-A830-0B93E1EF55DA} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1446757697-2309439942-254719417-1005 Task: {F271E6D3-247A-4A25-843C-F75067AE0728} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-09-19] (Sony Corporation) Task: {FEA7F518-59A3-47C3-925B-9A06503C8DEC} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs" Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-12 19:34 - 2014-05-18 11:50 - 00664592 _____ () C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll 2013-09-25 16:20 - 2013-09-25 16:20 - 00049368 _____ () c:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll 2014-03-30 00:33 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-03-30 00:28 - 2014-01-02 19:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll 2014-01-26 01:52 - 2013-12-17 09:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2012-08-30 13:46 - 2013-10-03 10:42 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-04-12 19:34 - 2014-05-18 11:50 - 00490000 _____ () C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll 2014-04-12 19:34 - 2014-05-18 11:50 - 00020496 _____ () C:\Program Files (x86)\Settings Manager\systemk\syskldr.dll 
2014-01-26 01:47 - 2013-09-18 04:32 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-08-30 13:39 - 2013-10-03 10:42 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2014-05-10 18:43 - 2014-05-11 19:54 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\rahel_000\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: NXP NearFieldProximity Provider
Description: NXP NearFieldProximity Provider
Class Guid: {5630831c-06c9-4856-b327-f5d32586e060}
Manufacturer: NXP Semiconductors(Proximity)
Service: WUDFRd
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/21/2014 07:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2ec
Startzeit: 01cf751cf2501cec
Endzeit: 4294967295
Anwendungspfad: C:\Windows\system32\wwahost.exe
Berichts-ID: e622eff0-e110-11e3-8288-342387967e48
Vollständiger Name des fehlerhaften Pakets: BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SonyCorporation.VAIOMessageCenter

Error: (05/19/2014 06:52:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 29.0.1.5239 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1f18
Startzeit: 01cf72ddc6337fdd
Endzeit: 15
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: f48b0d71-df75-11e3-8287-342387967e48
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/18/2014 09:39:46 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/18/2014 02:54:41 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/16/2014 00:39:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/16/2014 00:09:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/15/2014 11:39:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/15/2014 10:54:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/15/2014 10:39:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/15/2014 10:24:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: Bei der Aktivierung der App „BD9B8345.TVSideView_05bme2bjq6sag!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

System errors:
=============
Error: (05/21/2014 10:28:13 PM) (Source: DCOM) (EventID: 10010) (User: Sokrates)
Description: {9F070738-F6EA-408A-A6BD-AED405E67A13}

Error: (05/21/2014 10:28:08 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/21/2014 10:23:27 PM) (Source: DCOM) (EventID: 10010) (User: Sokrates)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/21/2014 07:35:34 PM) (Source: DCOM) (EventID: 10010) (User: Sokrates)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/21/2014 07:35:04 PM) (Source: DCOM) (EventID: 10010) (User: Sokrates)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/21/2014 07:06:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service" wurde mit folgendem Fehler beendet: %%268439612

Error: (05/21/2014 07:05:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "F06DEFF2-5B9C-490D-910F-35D3A9119622" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (05/21/2014 07:05:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Systemk Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/21/2014 07:04:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 20.05.2014 um 05:53:31 unerwartet heruntergefahren.

Error: (05/19/2014 10:35:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst nvsvc erreicht.

Microsoft Office Sessions:
=========================
Error: (05/21/2014 07:54:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170312ec01cf751cf2501cec4294967295C:\Windows\system32\wwahost.exee622eff0-e110-11e3-8288-342387967e48BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sagSonyCorporation.VAIOMessageCenter

Error: (05/19/2014 06:52:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe29.0.1.52391f1801cf72ddc6337fdd15C:\Program Files (x86)\Mozilla Firefox\firefox.exef48b0d71-df75-11e3-8287-342387967e48

Error: (05/18/2014 09:39:46 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/18/2014 02:54:41 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/16/2014 00:39:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter-2144927141

Error: (05/16/2014 00:09:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter-2144927141

Error: (05/15/2014 11:39:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter-2144927141

Error: (05/15/2014 10:54:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter-2144927141

Error: (05/15/2014 10:39:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter-2144927141

Error: (05/15/2014 10:24:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sokrates)
Description: BD9B8345.TVSideView_05bme2bjq6sag!App-2144927141

CodeIntegrity Errors:
===================================
Date: 2014-05-21 22:34:28.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-21 19:03:59.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-21 19:03:59.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-18 02:43:18.329
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-18 02:43:18.235
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-16 23:17:12.201
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-16 23:17:12.108
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-16 16:44:11.686
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-16 16:44:11.592
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2014-05-14 22:46:16.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 8087.8 MB
Available physical RAM: 5273.04 MB
Total Pagefile: 16279.8 MB
Available Pagefile: 13745.1 MB
Total Virtual: 131072 MB
Available Virtual: 131071.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:902.76 GB) (Free:544.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: E2384E5C)
Partition: GPT Partition Type.

==================== End Of Log ============================

Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-05-21 22:31:22 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002b WDC_WD10JPVX-55JC3T3 rev.01.01A01 931,51GB Running: Gmer-19357.exe; Driver: C:\Users\RAHEL_~1\AppData\Local\Temp\ugdyypob.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\System32\spoolsv.exe[1408] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff8bfe2169a 4 bytes [E2, BF, F8, 7F] .text C:\Windows\System32\spoolsv.exe[1408] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff8bfe216a2 4 bytes [E2, BF, F8, 7F] .text C:\Windows\System32\spoolsv.exe[1408] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff8bfe2181a 4 bytes [E2, BF, F8, 7F] .text C:\Windows\System32\spoolsv.exe[1408] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff8bfe21832 4 bytes [E2, BF, F8, 7F] .text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1752] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff8bfe2169a 4 bytes [E2, BF, F8, 7F] .text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1752] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff8bfe216a2 4 bytes [E2, BF, F8, 7F] .text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1752] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff8bfe2181a 4 bytes [E2, BF, F8, 7F] .text C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe[1752] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff8bfe21832 4 bytes [E2, BF, F8, 7F] .text C:\Windows\System32\svchost.exe[1140] c:\windows\system32\WSOCK32.dll!setsockopt + 194 00007ff8b5ca1f6a 4 bytes [CA, B5, F8, 7F] .text C:\Windows\System32\svchost.exe[1140] c:\windows\system32\WSOCK32.dll!setsockopt + 218 00007ff8b5ca1f82 4 bytes [CA, B5, F8, 7F] .text C:\Windows\System32\svchost.exe[2140] c:\windows\system32\WSOCK32.dll!setsockopt + 194 00007ff8b5ca1f6a 4 bytes [CA, B5, F8, 7F] .text 
C:\Windows\System32\svchost.exe[2140] c:\windows\system32\WSOCK32.dll!setsockopt + 218 00007ff8b5ca1f82 4 bytes [CA, B5, F8, 7F] .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNEL32.DLL!K32GetModuleInformation 00007ff8be3728c0 7 bytes JMP 00007ff9bdd302d0 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNEL32.DLL!RegQueryValueExW 00007ff8be3743d8 7 bytes JMP 00007ff9bdd30308 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNEL32.DLL!RegSetValueExA 00007ff8be421f20 7 bytes JMP 00007ff9bdd30378 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNEL32.DLL!RegSetValueExW 00007ff8be4240b4 7 bytes JMP 00007ff9bdd303b0 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNEL32.DLL!RegDeleteValueW 00007ff8be424510 7 bytes JMP 00007ff9bdd30340 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNEL32.DLL!K32GetModuleFileNameExW 00007ff8be424af0 7 bytes JMP 00007ff9bdd30260 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNEL32.DLL!K32EnumProcessModulesEx 00007ff8be44cea0 7 bytes JMP 00007ff9bdd30228 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNEL32.DLL!K32GetMappedFileNameW 00007ff8be44cf10 7 bytes JMP 00007ff9bdd30298 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 00007ff8bdd42300 7 bytes JMP 00007ff9bdd300d8 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 00007ff8bdd45770 5 bytes JMP 00007ff9bdd30180 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 00007ff8bdd45860 5 bytes JMP 00007ff9bdd30148 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 00007ff8bdd45a30 5 bytes JMP 00007ff9bdd30110 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\USER32.dll!CreateWindowExW 00007ff8be53b6f4 10 bytes JMP 00007ff9bdd30490 .text C:\Windows\system32\dwm.exe[1488] 
C:\Windows\system32\USER32.dll!EnumDisplayDevicesW 00007ff8be5445d8 5 bytes JMP 00007ff9bdd30458 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\USER32.dll!DisplayConfigGetDeviceInfo 00007ff8be544750 9 bytes JMP 00007ff9bdd303e8 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\USER32.dll!EnumDisplayDevicesA 00007ff8be554fc0 5 bytes JMP 00007ff9bdd30420 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 00007ff8be181500 8 bytes JMP 00007ff9bdd301b8 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 00007ff8be181750 8 bytes JMP 00007ff9bdd301f0 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\dxgi.dll!CreateDXGIFactory1 00007ff8bb887c28 5 bytes JMP 00007ff9bb6b0110 .text C:\Windows\system32\dwm.exe[1488] C:\Windows\system32\dxgi.dll!CreateDXGIFactory 00007ff8bb894b84 5 bytes JMP 00007ff9bb6b00d8 .text C:\Windows\system32\nvvsvc.exe[7888] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff8bfe2169a 4 bytes [E2, BF, F8, 7F] .text C:\Windows\system32\nvvsvc.exe[7888] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff8bfe216a2 4 bytes [E2, BF, F8, 7F] .text C:\Windows\system32\nvvsvc.exe[7888] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff8bfe2181a 4 bytes [E2, BF, F8, 7F] .text C:\Windows\system32\nvvsvc.exe[7888] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff8bfe21832 4 bytes [E2, BF, F8, 7F] .text C:\Windows\Explorer.EXE[6640] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff8bfe2169a 4 bytes [E2, BF, F8, 7F] .text C:\Windows\Explorer.EXE[6640] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff8bfe216a2 4 bytes [E2, BF, F8, 7F] .text C:\Windows\Explorer.EXE[6640] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff8bfe2181a 4 bytes [E2, BF, F8, 7F] .text C:\Windows\Explorer.EXE[6640] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff8bfe21832 4 bytes [E2, BF, 
F8, 7F] .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[5260] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff8bfe2169a 4 bytes [E2, BF, F8, 7F] .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[5260] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff8bfe216a2 4 bytes [E2, BF, F8, 7F] .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[5260] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff8bfe2181a 4 bytes [E2, BF, F8, 7F] .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[5260] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff8bfe21832 4 bytes [E2, BF, F8, 7F] .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[5260] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff8b5ca1f6a 4 bytes [CA, B5, F8, 7F] .text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[5260] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff8b5ca1f82 4 bytes [CA, B5, F8, 7F] .text c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4048] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff8b5ca1f6a 4 bytes [CA, B5, F8, 7F] .text c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe[4048] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff8b5ca1f82 4 bytes [CA, B5, F8, 7F] ---- Threads - GMER 2.1 ---- Thread C:\Windows\SYSTEM32\ntdll.dll [1844:1848] 0000000000f9975e Thread C:\Windows\system32\csrss.exe [6648:7340] fffff96000983b90 Thread C:\Windows\SYSTEM32\ntdll.dll [4820:3552] 00000000011aa794 Thread C:\Windows\SYSTEM32\ntdll.dll [4820:5576] 00000000011a4980 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- C:\Windows\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. C:\Users\rahel_000\ntuser.dat: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. 
Here are the details from Norton Internet Security as well: Code:
ATTFilter Dateiname: sysapcrt.dll Bedrohungsname: Trojan.ADH.2 Vollständiger Pfad: c:\program files (x86)\settings manager\systemk\sysapcrt.dll ____________________________ Details Sehr wenige Benutzer, Sehr neu, Risiko Hoch Ursprung Heruntergeladen von Unbekannt Aktivität Ausgeführte Aktionen: 3 ____________________________ Auf Computern ab 21.05.2014 um 19:09:43 Zuletzt verwendet 21.05.2014 um 20:21:07 Start-Element Nein Gestartet Nein ____________________________ Sehr wenige Benutzer Weniger als 5 Benutzer in der Norton Community haben diese Datei verwendet. Sehr neu Diese Datei wurde vor weniger als 1 Woche veröffentlicht. Hoch Das Risiko dieser Datei ist hoch. Art der Bedrohung: Virus. Programme, die andere Programme, Dateien oder Computerbereiche infizieren, indem sie sich einfügen oder anhängen. ____________________________ Quelle: externe Medien Quelldatei: sysapcrt.dll ____________________________ Dateiaktionen Infizierte Datei: c:\program files (x86)\settings manager\systemk\ sysapcrt.dll Zugriff verweigert ____________________________ Registrierungsaktionen Registrierungsänderung: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\ AppCertDlls->x86, Registrierungsstruktur: 32 bit Reparatur nicht versucht Registrierungsänderung: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\ AppCertDlls->x86, Registrierungsstruktur: 64 bit Reparatur nicht versucht ____________________________ Dateiabdruck - SHA: a53271758302959148a6030318dda385f7fe73892aa8516db73ea51db2de8c5c Dateiabdruck - MD5: Nicht verfügbar I hope someone can help me. Kind regards, Rahel |