Log analysis and evaluation: Trojan/Malware: Activex-kontrol Live Mesh (Windows 7)
#1

Hello everyone,

For some time now I have noticed that my browser (IE/Opera) no longer loads any pages despite an existing internet connection. At first this happened only sporadically, but within a short period (about 1 week) more and more often. When I then examined my PC, I found an entry among the installed software in the Control Panel that was unknown to me:

"activex-kontroll för fjärranslutningar för Windows Live Mesh"
"windows live mesh active-kontroll for eksterne tilkoblinger"
"windows live mesh activex-objekt til fjern forbindelser"

There are also several further entries that appear to have the same name, only in different languages and fonts. After I tried to find out information about the program via "Repair", it only responded with several more entries in further languages.

My internet search repeatedly came up with the Bundestrojaner, even though I have not yet received the distinctive lock screen with the payment demand.

I performed a system recovery on my Vaio using the built-in recovery and in doing so wiped the hard disk (I only have partition C), but the malware remained.

I also found 2 unlabelled "rundll32" processes in Task Manager that reveal no information whatsoever about their origin.

I ask for your help on what to do in this case. I would like to get rid of the Stasi on my PC again. Even though I have nothing to hide, it slows my PC down drastically and is on top of that a violation of my privacy.

I downloaded the programs as you suggested and installed and ran them as admin. I have also attached an OTL report.

Here are the logs:

Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 02:25 on 16/11/2014 (Beatbox)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Beatbox (administrator) on DRIVER on 16-11-2014 02:26:24
Running from C:\Users\Beatbox\Desktop
Loaded Profiles: Beatbox & (Available profiles: Beatbox)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(OldTimer Tools) C:\Users\Beatbox\Desktop\otl.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-07-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-07-20] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [947360 2011-07-05] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [797344 2011-07-05] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-22] (Synaptics Incorporated)
HKLM\...\Run: [McAfeeWrapperApplication] => C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe [453344 2010-12-07] (McAfee, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1658440 2011-03-12] (McAfee, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2801288 2011-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [650080 2011-03-15] (Sony Corporation)
HKLM\...\RunOnce: [BrandClearStubs] => RUNDLL32 IEDKCS32.DLL,BrandCleanInstallStubs >{3942788D-F1D2-4201-9BF0-003753DCCEB6}
ShellIconOverlayIdentifiers: [MOBK649] -> {7d7a9cff-a4c1-f2b8-7421-c722f7eac08a} => C:\Program Files (x86)\McAfee Online Backup\MOBK649shell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK6492] -> {658e5c17-2ba4-ed79-d884-37ebe15e7b9b} => C:\Program Files (x86)\McAfee Online Backup\MOBK649shell.dll (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK6493] -> {22f1b264-d4dd-ef46-08eb-3eb0c80441ba} => C:\Program Files (x86)\McAfee Online Backup\MOBK649shell.dll (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {32E5D2F9-9BA1-433D-B139-5AFBDB5D636F} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {EC44ECE6-B920-4812-ACBE-6DED179E15A7} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20141115213810.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20141115213810.dll (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-11-15]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0286291416087848mcinstcleanup; C:\Windows\TEMP\028629~1.EXE [821568 2011-06-09] (McAfee, Inc.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [98976 2011-07-05] (Atheros Commnucations) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\McAfee\MSC\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [501768 2011-03-17] (McAfee, Inc.)
R2 McOobeSv; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [197960 2011-03-13] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [208272 2011-03-13] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [158832 2011-03-13] (McAfee, Inc.)
R2 MOBK649backup; C:\Program Files (x86)\McAfee Online Backup\MOBK649backup.exe [223544 2011-04-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [249936 2011-01-27] (McAfee, Inc.)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2010-02-24] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2010-02-24] (Sonic Solutions)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259512 2011-07-22] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [65128 2011-03-13] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [156792 2011-03-13] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [227856 2011-03-13] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [481376 2011-03-13] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [639216 2011-03-13] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75672 2011-03-13] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [98728 2011-03-13] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [281928 2011-03-13] (McAfee, Inc.)
R1 MOBK649Filter; C:\Windows\System32\DRIVERS\MOBK649.sys [66040 2011-04-18] (Mozy, Inc.)
R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-06-23] (REDC)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 02:26 - 2014-11-16 02:26 - 00018459 _____ () C:\Users\Beatbox\Desktop\FRST.txt
2014-11-16 02:25 - 2014-11-16 02:26 - 00000000 ____D () C:\FRST
2014-11-16 02:24 - 2014-11-16 02:24 - 02116608 _____ (Farbar) C:\Users\Beatbox\Desktop\FRST64.exe
2014-11-16 02:23 - 2014-11-16 02:25 - 00000476 _____ () C:\Users\Beatbox\Desktop\defogger_disable.log
2014-11-16 02:23 - 2014-11-16 02:23 - 00000000 _____ () C:\Users\Beatbox\defogger_reenable
2014-11-16 02:22 - 2014-11-16 02:22 - 00050477 _____ () C:\Users\Beatbox\Desktop\Defogger.exe
2014-11-16 01:38 - 2014-11-16 01:38 - 00196836 _____ () C:\Users\Beatbox\Desktop\OTL.Txt
2014-11-16 01:38 - 2014-11-16 01:38 - 00083408 _____ () C:\Users\Beatbox\Desktop\Extras.Txt
2014-11-16 00:25 - 2014-11-16 00:25 - 00602112 _____ (OldTimer Tools) C:\Users\Beatbox\Desktop\otl.exe
2014-11-15 23:52 - 2014-11-15 23:52 - 02034504 _____ () C:\Users\Beatbox\Desktop\winrar-x64-511d.exe
2014-11-15 23:50 - 2014-11-15 23:50 - 00511633 _____ () C:\Users\Beatbox\Desktop\Autoruns.zip
2014-11-15 23:03 - 2014-11-16 02:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-15 23:03 - 2014-11-15 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-11-15 23:03 - 2014-11-15 23:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-15 23:03 - 2014-11-15 23:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-11-15 23:03 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-15 23:03 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-15 23:03 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-15 23:02 - 2014-11-15 23:02 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Beatbox\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-15 22:57 - 2014-11-15 22:57 - 00000000 ____D () C:\Update
2014-11-15 22:51 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-15 22:51 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-15 22:51 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-15 22:51 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-15 22:51 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-15 22:51 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-15 22:51 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-15 22:51 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-15 22:50 - 2014-11-15 22:50 - 00000000 ____D () C:\Users\Beatbox\AppData\Roaming\Adobe
2014-11-15 22:45 - 2014-11-15 22:45 - 00001443 _____ () C:\Users\Beatbox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-15 22:45 - 2014-11-15 22:45 - 00001409 _____ () C:\Users\Beatbox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-11-15 22:45 - 2014-11-15 22:45 - 00000000 ___RD () C:\Users\Beatbox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-15 22:45 - 2014-11-15 22:45 - 00000000 ____D () C:\Users\Beatbox\Documents\Bluetooth Folder
2014-11-15 22:45 - 2014-11-15 22:45 - 00000000 ____D () C:\Users\Beatbox\AppData\Roaming\Intel Corporation
2014-11-15 22:45 - 2014-11-15 22:45 - 00000000 ____D () C:\Users\Beatbox\AppData\Roaming\Atheros
2014-11-15 22:45 - 2014-11-15 22:45 - 00000000 ____D () C:\Users\Beatbox\AppData\Local\VirtualStore
2014-11-15 22:45 - 2014-11-15 22:45 - 00000000 ____D () C:\Users\Beatbox\AppData\Local\BMExplorer
2014-11-15 22:45 - 2014-11-15 22:45 - 00000000 ____D () C:\Users\Beatbox\AppData\Local\Adobe
2014-11-15 22:44 - 2014-11-16 02:23 - 00000000 ____D () C:\Users\Beatbox
2014-11-15 22:44 - 2014-11-15 22:47 - 00000000 ____D () C:\Users\Beatbox\AppData\Roaming\Sony Corporation
2014-11-15 22:44 - 2014-11-15 22:44 - 00070840 _____ () C:\Users\Beatbox\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-15 22:44 - 2014-11-15 22:44 - 00005256 _____ () C:\Windows\IE9_main.log
2014-11-15 22:44 - 2014-11-15 22:44 - 00001959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk
2014-11-15 22:44 - 2014-11-15 22:44 - 00000020 ___SH () C:\Users\Beatbox\ntuser.ini
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Vorlagen
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Startmenü
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Netzwerkumgebung
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Lokale Einstellungen
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Eigene Dateien
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Druckumgebung
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Documents\Eigene Musik
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Documents\Eigene Bilder
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\AppData\Local\Verlauf
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\AppData\Local\Anwendungsdaten
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 _SHDL () C:\Users\Beatbox\Anwendungsdaten
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 ___RH () C:\Windows\SysWOW64\Drivers\104D_Sony_VPCF23S1E.mrk
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 ___RH () C:\Windows\system32\Drivers\104D_Sony_VPCF23S1E.mrk
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 ____D () C:\Windows\SysWOW64\VAIO Startup Setting Tool
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 ____D () C:\Windows\pss
2014-11-15 22:44 - 2014-11-15 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-15 22:44 - 2014-11-15 21:43 - 00000000 ____D () C:\Users\Beatbox\AppData\Roaming\Macromedia
2014-11-15 22:44 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Beatbox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-15 22:44 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Beatbox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Programme
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-11-15 22:43 - 2014-11-15 22:43 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-11-15 22:39 - 2014-11-15 22:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2014-11-15 22:37 - 2014-11-15 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote for VAIO
2014-11-15 22:37 - 2014-11-15 22:37 - 00000000 ____D () C:\ProgramData\Evernote
2014-11-15 22:37 - 2014-11-15 22:37 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-11-15 22:35 - 2014-11-15 22:35 - 00002024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
2014-11-15 22:35 - 2014-11-15 22:35 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-11-15 22:35 - 2014-11-15 22:35 - 00000000 ____D () C:\ProgramData\iolo
2014-11-15 22:35 - 2011-07-15 20:35 - 00069000 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2014-11-15 22:35 - 2011-07-15 20:35 - 00014336 _____ (iolo technologies, LLC) C:\Windows\system32\iolorgdf64.exe
2014-11-15 22:32 - 2014-11-15 22:32 - 00000000 ____D () C:\Windows\en
2014-11-15 22:28 - 2014-11-15 22:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-11-15 22:28 - 2014-11-15 22:28 - 00000000 ____D () C:\Windows\uk
2014-11-15 22:28 - 2014-11-15 22:28 - 00000000 ____D () C:\Windows\tr
2014-11-15 22:28 - 2014-11-15 22:28 - 00000000 ____D () C:\Windows\sv
2014-11-15 22:28 - 2014-11-15 22:28 - 00000000 ____D () C:\Windows\sk
2014-11-15 22:28 - 2014-11-15 22:28 - 00000000 ____D () C:\Windows\ru
2014-11-15 22:28 - 2014-11-15 22:28 - 00000000 ____D () C:\Windows\ro
2014-11-15 22:28 - 2014-11-15 22:28 - 00000000 ____D () C:\Windows\pl
2014-11-15 22:28 - 2014-11-15 22:28 - 00000000 ____D () C:\Windows\no
2014-11-15 22:27 - 2014-11-15 22:27 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-11-15 22:27 - 2014-11-15 22:27 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\nl
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\it
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\hu
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\fr
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\fi
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\el
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\de
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\da
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\cs
2014-11-15 22:27 - 2014-11-15 22:27 - 00000000 ____D () C:\Windows\bg
2014-11-15 22:26 - 2014-11-15 22:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-11-15 22:25 - 2014-11-15 22:25 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-11-15 22:22 - 2014-11-15 22:29 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-11-15 22:22 - 2014-11-15 22:23 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-11-15 22:20 - 2014-11-15 22:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-11-15 22:20 - 2014-11-15 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-15 22:20 - 2014-11-15 22:20 - 00000000 ____D () C:\Program Files\Windows Live
2014-11-15 22:20 - 2014-11-15 22:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-15 22:20 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-11-15 22:20 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-11-15 22:20 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-11-15 22:20 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-11-15 22:18 - 2014-11-15 22:18 - 00196608 _____ () C:\Windows\ocsetup_install_OEMHelpCustomization.etl
2014-11-15 22:18 - 2014-11-15 22:18 - 00028728 _____ () C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.txt
2014-11-15 22:18 - 2014-11-15 22:18 - 00001275 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
2014-11-15 22:18 - 2014-11-15 22:18 - 00000000 ____D () C:\VAIO Sample Contents
2014-11-15 22:17 - 2014-11-15 22:17 - 00002072 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
2014-11-15 22:17 - 2014-11-15 22:17 - 00001852 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
2014-11-15 22:16 - 2014-11-15 22:16 - 00002269 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
2014-11-15 22:15 - 2014-11-15 22:15 - 88851008 _____ (Axialis Software) C:\Windows\system32\VAIO Hero Screensaver - Fall 2011 - DE.scr
2014-11-15 22:15 - 2014-11-15 22:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-15 22:15 - 2014-11-15 22:15 - 00000000 ____D () C:\Windows\system32\Version
2014-11-15 22:15 - 2014-11-15 22:15 - 00000000 ____D () C:\ProgramData\Skype
2014-11-15 22:15 - 2014-11-15 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-15 22:15 - 2014-11-15 22:15 - 00000000 ____D () C:\Program Files (x86)\Sony Europe Limited
2014-11-15 22:15 - 2011-07-22 21:56 - 00432128 _____ () C:\Windows\system32\SonyVideoProcessor.dll
2014-11-15 22:15 - 2011-07-22 21:56 - 00340480 _____ () C:\Windows\SysWOW64\SonyVideoProcessor.dll
2014-11-15 22:15 - 2011-06-17 23:53 - 00000007 _____ () C:\Windows\SysWOW64\scr_version.txt
2014-11-15 22:14 - 2014-11-15 22:14 - 00000000 ____D () C:\ProgramData\Uninstall
2014-11-15 22:14 - 2014-11-15 22:14 - 00000000 ____D () C:\ProgramData\Sonic
2014-11-15 22:14 - 2014-11-15 22:14 - 00000000 ____D () C:\Program Files\Roxio
2014-11-15 22:14 - 2014-11-15 22:14 - 00000000 ____D () C:\Program Files (x86)\Roxio
2014-11-15 22:13 - 2014-11-15 22:13 - 00001458 _____ () C:\Windows\xpsp1hfm.log
2014-11-15 22:13 - 2014-11-15 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Easy Media Creator 10 LJ
2014-11-15 22:13 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-11-15 22:13 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-11-15 22:13 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-11-15 22:13 - 2009-09-04 17:29 - 00453456 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2014-11-15 22:12 - 2014-11-15 22:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main 2014-11-15 22:12 - 2014-11-15 22:12 - 00000000 ___HD () C:\SPLASH.SYS 2014-11-15 22:12 - 2014-11-15 22:12 - 00000000 ___HD () C:\SPLASH.000 2014-11-15 22:11 - 2014-11-15 22:11 - 00000000 ____D () C:\Program Files (x86)\Downloaded Installations 2014-11-15 22:04 - 2014-11-15 22:20 - 00000597 _____ () C:\Windows\DirectX.log 2014-11-15 22:04 - 2014-11-15 22:04 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk 2014-11-15 22:04 - 2014-11-15 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB 2014-11-15 22:04 - 2014-11-15 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-11-15 22:04 - 2014-11-15 22:04 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-11-15 22:04 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2014-11-15 22:04 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-11-15 22:04 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-11-15 22:02 - 2014-11-15 22:02 - 00002435 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk 2014-11-15 22:02 - 2014-11-15 22:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-11-15 22:00 - 2014-11-15 22:00 - 00001303 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk 2014-11-15 22:00 - 2014-11-15 22:00 - 00000000 ____D () C:\Program Files (x86)\Sony Media Go Install 2014-11-15 22:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-11-15 22:00 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-11-15 22:00 - 2010-06-02 04:55 - 00239960 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-11-15 22:00 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-11-15 22:00 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-11-15 22:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-11-15 22:00 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-11-15 21:57 - 2014-11-15 21:58 - 00000040 ____H () C:\Windows\system32\ivireg.ivr 2014-11-15 21:57 - 2014-11-15 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel 2014-11-15 21:57 - 2014-11-15 21:57 - 00000000 ____D () C:\ProgramData\Corel 2014-11-15 21:57 - 2014-11-15 21:57 - 00000000 ____D () C:\Program Files (x86)\Corel 2014-11-15 21:57 - 2007-04-17 11:51 - 00014112 _____ (InterVideo) C:\Windows\system32\Drivers\regi.sys 2014-11-15 
21:57 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-11-15 21:56 - 2014-11-15 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite 2014-11-15 21:56 - 2014-11-15 21:58 - 00000000 ____D () C:\Program Files (x86)\ArcSoft 2014-11-15 21:56 - 2014-11-15 21:56 - 00000000 ____D () C:\ProgramData\ArcSoft 2014-11-15 21:55 - 2014-11-15 21:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-11-15 21:54 - 2014-11-15 21:54 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc 2014-11-15 21:54 - 2014-11-15 21:54 - 00000000 ____D () C:\ProgramData\eSellerate 2014-11-15 21:54 - 2014-11-15 21:54 - 00000000 ____D () C:\Program Files (x86)\SmartSound Software 2014-11-15 21:53 - 2014-11-15 21:53 - 00002267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 9.lnk 2014-11-15 21:50 - 2014-11-15 21:50 - 00001519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk 2014-11-15 21:50 - 2014-11-15 21:50 - 00000997 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk 2014-11-15 21:47 - 2014-11-15 21:47 - 00001892 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 9.lnk 2014-11-15 21:47 - 2010-03-19 03:00 - 00055856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-11-15 21:47 - 2009-10-20 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys 2014-11-15 21:47 - 2009-10-20 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys 2014-11-15 21:44 - 2014-11-15 21:44 - 00404640 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-15 21:44 - 2014-11-15 21:44 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-11-15 21:43 - 2014-11-15 21:55 - 00000000 ____D () C:\ProgramData\Adobe 2014-11-15 21:43 - 2014-11-15 
21:55 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-11-15 21:43 - 2014-11-15 21:43 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2014-11-15 21:43 - 2014-11-15 21:43 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2014-11-15 21:42 - 2014-11-15 22:44 - 00000000 ____D () C:\Windows\System32\Tasks\SONY 2014-11-15 21:42 - 2014-11-15 21:42 - 00002197 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk 2014-11-15 21:42 - 2014-11-15 21:42 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2014-11-15 21:40 - 2014-11-15 21:40 - 00001995 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk 2014-11-15 21:40 - 2014-11-15 21:40 - 00001531 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk 2014-11-15 21:40 - 2014-11-15 21:40 - 00001396 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO3DPortal.lnk 2014-11-15 21:40 - 2014-11-15 21:40 - 00000000 ____D () C:\Documentation 2014-11-15 21:40 - 2014-11-15 21:40 - 00000000 ____D () C:\_FS_SWRINFO 2014-11-15 21:39 - 2014-11-15 22:45 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-11-15 21:39 - 2014-11-15 22:37 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-11-15 21:39 - 2014-11-15 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2014-11-15 21:39 - 2014-11-15 21:39 - 00000000 ____D () C:\Windows\Sonysys 2014-11-15 21:38 - 2011-03-13 11:20 - 00009984 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnk.sys 2014-11-15 21:37 - 2014-11-15 21:37 - 00000000 ____D () C:\Program Files\mcafee.com 2014-11-15 21:37 - 2014-11-15 21:37 - 00000000 ____D () C:\Program Files (x86)\mcafee.com 2014-11-15 21:37 - 2011-03-13 11:45 - 00158832 _____ (McAfee, Inc.) 
C:\Windows\system32\mfevtps.exe 2014-11-15 21:36 - 2014-11-15 22:44 - 00000000 ____D () C:\ProgramData\McAfee 2014-11-15 21:36 - 2014-11-15 22:44 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-11-15 21:36 - 2014-11-15 21:38 - 00000000 ____D () C:\Program Files\McAfee 2014-11-15 21:36 - 2014-11-15 21:37 - 00000000 ____D () C:\Program Files\Common Files\McAfee 2014-11-15 21:36 - 2014-11-15 21:36 - 00472808 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll 2014-11-15 21:36 - 2014-11-15 21:36 - 00157472 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe 2014-11-15 21:36 - 2014-11-15 21:36 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe 2014-11-15 21:36 - 2014-11-15 21:36 - 00145184 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe 2014-11-15 21:36 - 2014-11-15 21:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Online Backup 2014-11-15 21:36 - 2014-11-15 21:36 - 00000000 ____D () C:\ProgramData\Sun 2014-11-15 21:36 - 2014-11-15 21:36 - 00000000 ____D () C:\Program Files (x86)\McAfeeMOBK 2014-11-15 21:36 - 2014-11-15 21:36 - 00000000 ____D () C:\Program Files (x86)\McAfee Online Backup 2014-11-15 21:36 - 2014-11-15 21:36 - 00000000 ____D () C:\Program Files (x86)\Java 2014-11-15 21:36 - 2014-11-15 21:35 - 00525544 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll 2014-11-15 21:36 - 2014-11-15 21:35 - 00190752 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaws.exe 2014-11-15 21:36 - 2014-11-15 21:35 - 00171808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaw.exe 2014-11-15 21:36 - 2014-11-15 21:35 - 00171808 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe 2014-11-15 21:36 - 2011-04-18 22:00 - 00066040 _____ (Mozy, Inc.) 
C:\Windows\system32\Drivers\MOBK649.sys 2014-11-15 21:35 - 2014-11-15 21:59 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared 2014-11-15 21:35 - 2014-11-15 21:35 - 00000000 ____D () C:\Program Files\Java 2014-11-15 21:33 - 2014-11-15 22:45 - 00000000 ____D () C:\ProgramData\Atheros 2014-11-15 21:33 - 2014-11-15 21:43 - 00000000 ____D () C:\temp 2014-11-15 21:33 - 2014-11-15 21:33 - 00000206 _____ () C:\WLAN_Setup.log 2014-11-15 21:33 - 2014-11-15 21:33 - 00000000 ____D () C:\ProgramData\Downloaded Installations 2014-11-15 21:33 - 2014-11-15 21:33 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics 2014-11-15 21:33 - 2014-11-15 21:33 - 00000000 ____D () C:\Program Files (x86)\Atheros WiFi Driver Installation 2014-11-15 21:33 - 2011-06-29 17:46 - 00066623 _____ () C:\Windows\system32\athrextx.cat 2014-11-15 21:33 - 2011-06-21 01:03 - 02753536 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys 2014-11-15 21:33 - 2011-06-21 01:03 - 02753536 _____ (Atheros Communications, Inc.) 
C:\Windows\system32\athrx.sys 2014-11-15 21:32 - 2014-11-15 21:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2014-11-15 21:32 - 2014-11-15 21:32 - 00000000 ____D () C:\Windows\SysWOW64\SDA 2014-11-15 21:32 - 2014-11-15 21:32 - 00000000 ____D () C:\Program Files\Synaptics 2014-11-15 21:32 - 2011-06-24 21:33 - 00008192 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll 2014-11-15 21:31 - 2014-11-15 22:42 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-15 21:31 - 2014-11-15 22:04 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-11-15 21:31 - 2014-11-15 21:31 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-11-15 21:30 - 2014-11-15 21:32 - 00020534 _____ () C:\Windows\DPINST.LOG 2014-11-15 21:30 - 2014-11-15 21:31 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-11-15 21:30 - 2011-07-20 22:10 - 08106088 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-11-15 21:30 - 2011-07-20 22:10 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco642040.dll 2014-11-15 21:30 - 2011-07-20 22:10 - 00174184 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-11-15 21:30 - 2011-07-20 22:10 - 00029288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2014-11-15 21:30 - 2011-07-20 22:09 - 20465256 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-11-15 21:30 - 2011-07-20 22:09 - 06029928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-11-15 21:30 - 2011-07-20 22:08 - 15051368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-11-15 21:30 - 2011-07-20 22:08 - 13080168 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-11-15 21:30 - 2011-07-20 22:07 - 12842600 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-11-15 21:30 - 2011-07-20 22:07 - 01643624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6420142.dll 2014-11-15 21:30 - 2011-07-20 22:07 - 01394280 _____ 
(NVIDIA Corporation) C:\Windows\system32\nvgenco642062.dll 2014-11-15 21:30 - 2011-07-20 22:07 - 00007621 _____ () C:\Windows\system32\nvinfo.pb 2014-11-15 21:30 - 2011-07-20 22:06 - 10061416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-11-15 21:30 - 2011-07-20 22:06 - 03182184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-11-15 21:30 - 2011-07-20 22:06 - 02954856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-11-15 21:30 - 2011-07-20 22:06 - 02871400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-11-15 21:30 - 2011-07-20 22:05 - 06597736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-11-15 21:30 - 2011-07-20 22:05 - 04936808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-11-15 21:30 - 2011-07-20 22:05 - 02579560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-11-15 21:30 - 2011-07-20 22:04 - 18580072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-11-15 21:30 - 2011-07-20 22:04 - 13011560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-11-15 21:30 - 2011-07-20 22:03 - 02209384 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-11-15 21:30 - 2011-07-20 22:03 - 01971816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-11-15 21:30 - 2011-07-20 22:03 - 01319424 _____ (SONY Deutschland GmbH - Stuttgart Technology Center) C:\Windows\system32\PVSonyDll.dll 2014-11-15 21:30 - 2011-07-20 22:03 - 01314816 _____ (SONY Deutschland GmbH - Stuttgart Technology Center) C:\Windows\SysWOW64\PVSonyDll.dll 2014-11-15 21:30 - 2011-07-20 22:03 - 00067176 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-11-15 21:30 - 2011-07-20 22:03 - 00057960 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-11-15 21:30 - 2011-07-20 22:03 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd 2014-11-15 21:29 - 2014-11-15 21:29 - 00000000 ___RD () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program 2014-11-15 21:29 - 2014-11-15 21:29 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite 2014-11-15 21:28 - 2014-11-15 21:28 - 00002587 _____ () C:\RHDSetup.log 2014-11-15 21:28 - 2014-11-15 21:28 - 00000000 ___HD () C:\Program Files (x86)\Temp 2014-11-15 21:28 - 2014-11-15 21:28 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-11-15 21:28 - 2014-11-15 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2014-11-15 21:28 - 2014-11-15 21:28 - 00000000 ____D () C:\Program Files\Realtek 2014-11-15 21:28 - 2014-11-15 21:28 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-11-15 21:28 - 2014-11-15 21:28 - 00000000 ____D () C:\Program Files (x86)\Dolby Home Theater v4 2014-11-15 21:28 - 2011-07-20 22:36 - 02601816 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 03115112 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 01805928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00220512 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00149608 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkCfg64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00121744 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00078176 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2014-11-15 21:28 - 2011-07-20 22:35 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2014-11-15 21:28 - 2011-07-20 22:34 - 02905320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-11-15 21:28 - 2011-07-20 22:34 - 02416744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-11-15 21:28 - 2011-07-20 22:34 - 01560680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-11-15 21:28 - 2011-07-20 22:34 - 01245288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-11-15 21:28 - 2011-07-20 22:34 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2014-11-15 21:28 - 2011-07-20 22:34 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2014-11-15 21:28 - 2011-07-20 22:34 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2014-11-15 21:28 - 2011-07-20 22:34 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2014-11-15 21:28 - 2011-07-20 22:33 - 01474048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-11-15 21:28 - 2011-07-20 22:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2014-11-15 21:28 - 2011-07-20 22:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2014-11-15 21:28 - 2011-07-20 22:33 - 00092264 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RCoInst64.dll 2014-11-15 21:28 - 2011-07-20 22:32 - 03308376 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-11-15 21:28 - 2011-07-20 22:32 - 02238296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2014-11-15 21:28 - 2011-07-20 22:32 - 00426328 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-11-15 21:28 - 2011-07-20 22:32 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-11-15 21:28 - 2011-07-20 22:32 - 00136024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-11-15 21:28 - 2011-07-20 22:32 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-11-15 21:28 - 2011-07-20 22:32 - 00074072 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-11-15 21:28 - 2011-07-20 22:31 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2014-11-15 21:28 - 2011-07-20 22:31 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-11-15 21:28 - 2011-07-20 22:31 - 00318808 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO20.dll 2014-11-15 21:28 - 2011-07-20 22:29 - 02085440 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-11-15 21:28 - 2011-07-20 22:28 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-11-15 21:28 - 2011-07-20 22:27 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-11-15 21:28 - 2011-07-20 22:27 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-11-15 21:28 - 2011-07-20 22:27 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-11-15 21:28 - 2011-07-20 22:18 - 01698408 _____ (Realtek Semiconductor Corp.) 
C:\Windows\RtlExUpd.dll 2014-11-15 21:27 - 2014-11-15 21:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2014-11-15 21:26 - 2014-11-15 22:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-15 21:25 - 2014-11-15 21:32 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-11-15 21:25 - 2014-11-15 21:25 - 00000000 ____D () C:\Intel 2014-11-15 21:25 - 2011-06-24 21:49 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2014-11-15 21:23 - 2011-03-11 07:41 - 01659776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-11-15 21:23 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2014-11-15 21:23 - 2011-03-11 07:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-11-15 21:23 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2014-11-15 21:23 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2014-11-15 21:23 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2014-11-15 21:23 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2014-11-15 21:23 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-11-15 21:23 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2014-11-15 21:23 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2014-11-15 21:23 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe 2014-11-15 21:23 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-11-15 21:22 - 2014-11-15 22:59 - 00377799 _____ () C:\Windows\WindowsUpdate.log 2014-11-15 21:19 - 
2014-11-15 21:19 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-11-15 21:19 - 2014-11-15 21:19 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-11-15 21:15 - 2014-11-15 22:44 - 00000000 ____D () C:\Program Files\Sony 2014-11-15 21:15 - 2014-11-15 22:39 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-11-15 21:14 - 2014-11-15 22:47 - 00696370 _____ () C:\Windows\system32\perfh007.dat 2014-11-15 21:14 - 2014-11-15 22:47 - 00147634 _____ () C:\Windows\system32\perfc007.dat 2014-11-15 21:14 - 2014-11-15 21:13 - 00295922 _____ () C:\Windows\system32\perfi007.dat 2014-11-15 21:14 - 2014-11-15 21:13 - 00038104 _____ () C:\Windows\system32\perfd007.dat 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\SysWOW64\WCN 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\SysWOW64\sysprep 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\SysWOW64\de 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\SysWOW64\0407 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\system32\winrm 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\system32\WCN 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\system32\slmgr 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\system32\de 2014-11-15 21:13 - 2014-11-15 21:13 - 00000000 ____D () C:\Windows\system32\0407 ==================== One Month Modified Files and Folders 
=======
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 22:58 - 2009-07-14 05:45 - 00020992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 22:58 - 2009-07-14 05:45 - 00020992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 22:50 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-11-15 22:47 - 2009-07-14 06:13 - 01611160 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 22:44 - 2011-05-26 15:04 - 00000074 ____H () C:\splash.idx
2014-11-15 22:43 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-15 22:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-15 22:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-11-15 22:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 22:41 - 2009-07-14 05:51 - 00034314 _____ () C:\Windows\setupact.log
2014-11-15 22:40 - 2011-02-10 23:48 - 00000000 ____D () C:\Windows\Panther
2014-11-15 22:40 - 2009-07-14 05:46 - 00004059 _____ () C:\Windows\DtcInstall.log
2014-11-15 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-11-15 22:39 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-15 22:38 - 2009-07-14 05:45 - 00320824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 22:37 - 2011-02-10 23:52 - 00001960 _____ () C:\Windows\system32\snyinst.oem
2014-11-15 22:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-15 22:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-11-15 21:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system
2014-11-15 21:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-11-15 21:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-11-15 21:39 - 2011-02-10 23:52 - 00000012 _____ () C:\Windows\csup.txt
2014-11-15 21:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-11-15 21:39 - 2009-07-14 03:34 - 00000435 _____ () C:\Windows\win.ini
2014-11-15 21:29 - 2011-07-05 17:27 - 00246804 _____ () C:\Windows\system32\Drivers\AtherosBt.bin
2014-11-15 21:29 - 2011-07-05 17:27 - 00001274 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_26.dfu
2014-11-15 21:29 - 2011-07-05 17:27 - 00001242 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x01.dfu
2014-11-15 21:29 - 2011-07-05 17:27 - 00001204 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x02.dfu
2014-11-15 21:29 - 2011-07-05 17:27 - 00001204 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40.dfu
2014-11-15 21:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization
2014-11-15 21:24 - 2011-02-11 00:03 - 01577546 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-15 21:19 - 2011-02-10 23:55 - 00003652 _____ () C:\Windows\TSSysprep.log
2014-11-15 21:19 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-15 21:15 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-11-15 21:15 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-11-15 21:13 - 2011-05-27 22:57 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-15 21:13 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-11-15 21:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-11-15 21:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-11-15 21:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-11-15 21:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-15 21:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-11-15 21:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-11-15 21:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-11-15 21:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2014-11-15 21:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2011-02-10 23:52

==================== End Of Log ============================

Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Beatbox at 2014-11-16 02:26:53
Running from C:\Users\Beatbox\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19460 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{0483BE07-260D-4E4D-815E-F737C0A72E40}) (Version: 10.3.181.26 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{53F29A32-7D03-4635-A8B3-839D921F6F96}) (Version: 10.3.181.26 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}) (Version: 2.0.149 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.444 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.82 - Atheros Communications)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.108 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.6 - Dolby Laboratories Inc)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Evernote v. 4.4 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.4.0.4848 - Evernote Corp.)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 11.0.543 - McAfee, Inc.)
McAfee Online Backup (HKLM-x32\...\{27C467F8-F8EF-4f68-BD72-D63632B2096C}) (Version: - McAfee, Inc.)
McAfee Online Backup (Version: 1.16.6.1 - McAfee, Inc.) Hidden
Media Gallery (Version: 1.5.0.17250 - Your Company Name) Hidden
Media Go (HKLM-x32\...\{0F895695-33CC-4203-9C47-25EF2AC9441C}) (Version: 1.7.254 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 268.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.93 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{123F0CCE-21AA-401D-A335-3EDF9C13AA52}) (Version: 1.6.9 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.93 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.05.00710 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.1.8.11883 - Sony Computer Entertainment Inc.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.6.01.03300 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.6.10 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.6.10 - Sony Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Skype™ 5.1 (HKLM-x32\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.1.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
V3DPX86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.18100 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15072 - Sony Corporation)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO 3D Portal (HKLM-x32\...\{C14EAE86-C526-4E00-B245-CFF86233C3D2}) (Version: 1.1.0.06232 - Sony Corporation)
VAIO Care (HKLM\...\{6C8F7FE6-6D5E-49FE-A4EB-6597B41C2BCA}) (Version: 7.0.1.08040 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.0.0.07070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.7.0.05270 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.7.0.05270 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.0.0.03050 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.0.07080 - Sony Corporation)
VAIO Hero Screensaver - Fall 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Fall 2011 Screensaver) (Version: - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.1.0.06030 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.7.0.07150 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.5.0.06290 - Sony Corporation)
VAIO Update Merge Module x64 (Version: 5.5.06290 - Sony Corporation) Hidden
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.4.0.05310 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

15-11-2014 21:50:51 Windows Update
15-11-2014 21:58:58 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1222F19E-90E8-426B-91F6-09D578AEDC8B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {24828D59-B7FC-49A9-B98C-197A290CC244} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {3DCC581F-AE7A-400A-881B-C7A9DC3E736B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {4CCF6ECA-D65E-4D08-83EB-11E844962178} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIcon => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {4F0F786E-2FD0-47AD-9FFB-994730BD9C22} - System32\Tasks\Sony Corporation\VAIO Care\VAU => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {5D0DEF15-F328-4303-A293-052364C40BCE} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {68DED651-7771-4830-AAAD-2FEBFCF78561} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {75B516D4-9BE1-425B-9F10-726398C6ACD0} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {76B39C05-A242-4971-8A93-6F0E51575B71} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {7D524788-7559-49BB-B720-A089983E9E04} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {861598A4-39B9-4A9E-BDC0-67A4E6FE3D24} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {9D324376-E4C1-489D-90EA-FE8DE84A33B7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {9D94EFBA-BED8-45E0-9E13-CF7BCE5A9DA5} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {9F98083D-FC1E-41A2-83D7-B25AC9DF6F40} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {AB8056E2-6E59-4FED-B370-A7EF99810FDC} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {B0DB1392-63BD-471A-9804-9951FD843544} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-06-03] (Sony Corporation)
Task: {E9BBEB60-0093-44B2-9B4F-B1AFD25DF2D6} - System32\Tasks\Sony Corporation\VAIO Care\AutoCheckMessage => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2011-08-04] (Sony Corporation)
Task: {FCE4D5CD-6653-4986-81F7-2EB85888C265} - System32\Tasks\Sony Corporation\VAIO Care\VCUpdateLearn => C:\Program Files\Sony\VAIO Care\VCsystray.exe

==================== Loaded Modules (whitelisted) =============

2011-04-18 22:00 - 2011-04-18 22:00 - 00081208 _____ () C:\Program Files (x86)\McAfee Online Backup\librs2.dll
2011-05-24 00:53 - 2011-05-24 00:53 - 01102336 _____ () C:\Program Files\Sony\VAIO Care\System.Data.SQLite.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00321024 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00179712 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00054784 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00061440 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00037376 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 02229760 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00035840 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00055296 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00137728 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00134144 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2011-06-19 14:15 - 2011-06-19 14:15 - 00024064 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2014-11-15 21:40 - 2011-07-07 15:44 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2014-11-15 21:27 - 2014-11-15 21:27 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f3fe53ec4c0c7aa33e716ad6727579a2\IsdiInterop.ni.dll
2014-11-15 21:26 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2685613165-1628040793-3540102884-500 - Administrator - Disabled)
Beatbox (S-1-5-21-2685613165-1628040793-3540102884-1000 - Administrator - Enabled) => C:\Users\Beatbox
Gast (S-1-5-21-2685613165-1628040793-3540102884-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2014 11:49:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error: (11/15/2014 11:49:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error: (11/15/2014 11:45:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error: (11/15/2014 11:45:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error: (11/15/2014 11:45:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error: (11/15/2014 10:44:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang: Generatordaten werden gesammelt
Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {7278c028-8bbd-4ca4-b2d7-7db1baf065e1}

Error: (11/15/2014 10:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error: (11/15/2014 10:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error: (11/15/2014 10:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error: (11/15/2014 10:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

System errors:
=============
Error: (11/15/2014 10:44:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Upnp Server 10 erreicht.

Microsoft Office Sessions:
=========================
Error: (11/15/2014 11:49:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/15/2014 11:49:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/15/2014 11:45:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/15/2014 11:45:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/15/2014 11:45:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
Error: (11/15/2014 10:44:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
   Generatordaten werden gesammelt
Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {7278c028-8bbd-4ca4-b2d7-7db1baf065e1}

Error: (11/15/2014 10:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/15/2014 10:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/15/2014 10:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/15/2014 10:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 35%
Total physical RAM: 8173.22 MB
Available physical RAM: 5238.09 MB
Total Pagefile: 16344.63 MB
Available Pagefile: 11580 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:679.32 GB) (Free:634.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 24A25011)
Partition 1: (Not Active) - (Size=19.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=679.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-16 03:17:13
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GT00 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\Beatbox\AppData\Local\Temp\ufldapob.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075411465 2 bytes [41, 75]
.text C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754114bb 2 bytes [41, 75]
.text ... * 2
.text C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe[9084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075411465 2 bytes [41, 75]
.text C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe[9084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754114bb 2 bytes [41, 75]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\winlogon.exe [716:792] 000007fefd67a5e4
Thread C:\Windows\system32\winlogon.exe [716:800] 000007fefd67a5e4
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4916:4936] 0000000076857587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4916:4968] 0000000070a50cb3
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4916:3028] 00000000775541f3
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4916:5716] 0000000077556679
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4916:7480] 0000000077556679

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78d636e8
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78d636e8 (not active ControlSet)

---- EOF - GMER 2.1 ----

Edited by Gulash (16.11.2014 at 04:37)