| |
| |||||||
Log-Analyse und Auswertung: Internetverbindung extem langsam!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
21.11.2014, 01:30
| #1 |
| |  Internetverbindung extem langsam! Guten Tag, Seit heute wirkt das WLAN bei mir extrem langsam. Ich wohne in einer WG, wo noch 3 weitere PC/Laptops mit dem Router verbunden sind, und alle funktionieren. Das Symbol unten rechts zeigt, mit 3 bis 4 Strichen, eine Verbindung an und sagt auch das ein Internetzugriff besteht. Denoch dauert das Laden der Seiten unglaublich lange und manchmal laden die Seiten gar nicht. Ich habe in einem Froumbeitrag bei Ihnen gelesen, dass noch ein anderer USER ein ziemlich gleiches Problem hatte. Die von Ihnen angegebenen Shritte habe ich durchgeführt und im Anhang als PDF Datei gespeichert. Ich würde mich freuen wenn Sie mir weiterhelfen können. Mit freundlichen Grüßen Mr.Pink Geändert von Mr.Pink77 (21.11.2014 um 01:39 Uhr) Grund: fehler |
|
21.11.2014, 06:43
| #2 |
| /// the machine /// TB-Ausbilder    | Internetverbindung extem langsam! Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
21.11.2014, 11:10
| #3 |
| | Internetverbindung extem langsam! OTL:OTL Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 21.11.2014 00:27:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sebastian\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,95 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 66,06% Memory free
5,07 Gb Paging File | 3,06 Gb Available in Paging File | 60,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 565,87 Gb Total Space | 502,91 Gb Free Space | 88,87% Space Free | Partition Type: NTFS
Computer Name: VAIO | User Name: Sebastian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BDA9BFA-51A1-49A8-BBAC-66AD3A42D3A2}" = rport=138 | protocol=17 | dir=out | app=system |
"{0CD1CC0F-67C4-4430-917C-5188450F04F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{263CE7C5-E82B-48B0-8D92-0F754666D79F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27CBD29B-6EBC-48E1-817A-CDA560F604B8}" = lport=138 | protocol=17 | dir=in | app=system |
"{2B4E934B-A8ED-4240-9CA6-29877CFEA43D}" = rport=139 | protocol=6 | dir=out | app=system |
"{365DD2FA-240F-44C6-AB88-EA168C2107D6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4AEE5603-2CD2-4805-B0B3-6D644E0268F0}" = lport=9996 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcsystemtray.exe |
"{559558A8-0B02-4C4B-8092-7E6D6892CD94}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{58F57655-5C3E-4298-8EEE-0AFE28A4A18E}" = lport=9999 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
"{5B4A7410-741E-4F1D-BE1D-507797FD7986}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{63150022-FE27-4C00-94BC-5B86C96FCD3F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{63726340-3120-4281-B936-5405B02C1D33}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66C09742-ABED-4FB5-B575-FCF78882B474}" = rport=137 | protocol=17 | dir=out | app=system |
"{6F4C06F8-1B30-467E-8AC6-5E0E6DFC5A2C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{70F08B90-FA8D-48F9-9B1B-CC90DC634029}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7D7BCA8A-62A1-4976-8C61-63F50DF1F857}" = lport=9998 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcadmin.exe |
"{8B2FD300-8761-40AE-ACB7-EC7765CC233B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9B51ED21-9B40-46C7-9DCE-7622B13E78AF}" = lport=445 | protocol=6 | dir=in | app=system |
"{A4863C0F-00F8-4780-A3F5-3A490BED8466}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{A57CED71-171B-46A0-9589-E571DA9201F5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC82CE58-D7C0-475A-B126-42E47BD5DC5C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B048C080-ABDF-4FD0-800C-80FF9525B209}" = lport=9997 | protocol=6 | dir=in | app=c:\program files\sony\vaio care\vaioshell.exe |
"{B181CBD6-0BB7-46C8-A645-7F0410796CA0}" = lport=137 | protocol=17 | dir=in | app=system |
"{BE7DB0DD-BFF2-418C-94DB-F1841220522C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C01D1479-B9AF-4FF4-9657-5D709148771F}" = lport=139 | protocol=6 | dir=in | app=system |
"{CE3DE876-19BA-4C8D-BD9B-D91F4BBA2868}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04EF68E8-F853-4732-8CE6-7E137B0D3DB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{05C4D33E-5A6F-41B8-AEA0-DCC134BE37FC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{07373F50-AE3C-4F42-A90B-6411D5E99329}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{08338AA8-2C45-43A2-B064-24096B05557C}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{08F1EA3F-EF91-4DA8-B6E9-4DDE617E9323}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{0C59EA2B-99EC-4649-9AC3-514B0B1AE298}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{15311375-B326-4449-BEA1-85D9B3ADC755}" = protocol=6 | dir=in | app=c:\program files\kmspico\service_kms.exe |
"{16328A7D-DD17-4104-84BB-FAC99E2B6488}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{16AD99DB-73F8-4B52-9F37-3A63B7CD61E1}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{16B2BA7A-1CAF-4FC3-9E4B-505EB90A4453}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1829E993-14B3-4840-80DA-C1DA269F4D0A}" = dir=in | name=check point vpn |
"{1CC313B1-F35E-4F33-81B2-2EB3986C7E3B}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1CD3E0D4-5741-4043-823A-1C12D0FEC9E3}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{1D22AFED-A08E-4B36-8356-0B83C38663D0}" = dir=out | name=juniper networks junos pulse |
"{21C013B0-F7DC-49AB-9F13-BCBD1DC646D5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{242B9EF8-72F7-4874-AD56-3777C693A54D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{30808539-BFD7-45D7-8300-FAEB9E5ECEA8}" = protocol=17 | dir=in | app=c:\program files\kmspico\kmseldi.exe |
"{3CB32848-01F2-44A1-9274-44B41BCA25D2}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{423EB7E5-8607-437C-A9FF-882E1EF32D61}" = protocol=6 | dir=in | app=c:\program files\kmspico\autopico.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{49F76E53-AC8C-4DD0-B2AE-7B139DA0ADCC}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4C4A74DF-CE75-428F-8E1C-A867C023C586}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{4CAA3FDE-1BF1-4331-AD52-D68C878E7F90}" = dir=out | name=f5 vpn |
"{4CFA526C-9D9B-4B2D-B436-CDE72249A761}" = dir=in | name=f5 vpn |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55DF9FC0-0F18-41A2-B0CF-CBC96D37A591}" = dir=out | name=sony select |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5BF679BC-BD83-482F-B5BD-987D0788765D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C2AFEB8-84DB-4D3B-A412-32B2681A6BF1}" = protocol=17 | dir=in | app=c:\program files\kmspico\service_kms.exe |
"{5C83A720-6634-4F27-A7B0-8286AC9F01C9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{615AC0F1-7F73-48FA-B74C-B0835E98991F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{616E9C31-234D-4CDA-8243-71780B76A838}" = dir=out | name=windows_ie_ac_001 |
"{6523CBA2-421E-4625-A3EB-1CB02099558D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{67748646-879E-4024-8574-4D34A9786098}" = dir=out | name=sonicwall mobile connect |
"{6EC0A845-0911-4A9B-BCC5-25392A9E2CC1}" = dir=out | name=vaio care |
"{705CEB64-BFD0-4EF5-9CDE-31BBB90A3BCB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{774CF7D1-8C0D-4E9D-9E75-51902E95F2AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BE92192-A66E-4013-BD22-A4035BBC56CF}" = protocol=17 | dir=in | app=c:\program files\kmspico\autopico.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8C8A41A6-3AC3-4F5E-A6FD-24725BF139D6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{92B73091-1693-4902-8B0F-22D7D1F56985}" = dir=in | name=juniper networks junos pulse |
"{9935EFE3-43F6-4196-9C3A-5736AA704A7A}" = dir=out | name=@{microsoft.bingweather_3.0.4.214_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{9B42380A-EE6B-4161-B05D-3EAE9D02E40C}" = protocol=17 | dir=in | app=c:\program files\kmspico\autopico.exe |
"{9BEB9695-7587-47B0-979F-5F793D57FF1E}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9FE7B541-8584-4675-B382-8CCA4568B621}" = dir=out | name=windows_ie_ac_001 |
"{A20FDD8E-8115-447B-83E3-E28874ED90D2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A42674CC-91D2-4FE4-A238-A4F1DD936789}" = protocol=17 | dir=in | app=c:\program files\kmspico\service_kms.exe |
"{A83CCF36-EF54-47E1-9392-B0CF01EF1EFE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A854E08F-D637-4C07-9F38-FFF19B85D0DB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{A9526344-123E-49A5-966A-B4958D0AC397}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{AFE7DAB5-B276-4412-96C6-D65C7FC4B86E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B0CDC45B-3AE5-4A40-83D1-A6B38CA3B32B}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{B2C67480-BDA3-43B3-BBDF-B18B030A714F}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{B38A9CD7-D200-48E7-B1F2-FD92C1BCD842}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B3D79E6A-2EB6-47C7-B93F-F41637DB54F7}" = protocol=6 | dir=in | app=c:\program files\kmspico\kmseldi.exe |
"{B6130D70-148F-45ED-AC4D-99149E9478A8}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{BBA4233E-89D7-4CA7-BFEA-FFD3525ACAD2}" = dir=in | name=vaio care |
"{BEE60A39-B041-450C-AF04-FE0A37363559}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{C0F73CE6-F8EB-429E-8474-ED894B90CAFF}" = dir=out | name=check point vpn |
"{C19F2395-5A6A-468E-83E2-6973BF4A3866}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{C1B00B3D-C86C-49D9-B564-2A8C495AC068}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C71923DC-A539-4886-B7E4-2FB80D66EE4A}" = protocol=6 | dir=out | app=system |
"{C7DCCE62-FF36-492B-9A74-DFE351CA66DA}" = protocol=6 | dir=in | app=c:\program files\kmspico\autopico.exe |
"{CEA72D8C-D2A3-4A54-A395-7CCE926383CD}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{D39D3007-D115-4182-B51E-28D05E155BD0}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{D649929A-7890-49EF-A995-2A83B27E4366}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D77B6CA8-CBA3-4A3B-A1B7-208CB3F33316}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D95E3398-85B8-4046-A567-467483C2DBD0}" = dir=in | name=sonicwall mobile connect |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DB7DFDFC-D291-444F-BD84-EEAECAB67100}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{E1805A27-552A-4360-A170-2BA67CBC7D2F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{E2DA1157-479D-492D-8E07-EA9867F34A2E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE8429CA-0610-4258-B011-A636D0A13754}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{F1ACB46E-31A2-4270-911C-D9737A613900}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F34C7346-34CB-49A3-818D-AD77C1E66217}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{F598F192-AFBC-4D6F-84C4-462775FC1D6D}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7E21D53-1247-4241-A1DE-86402119C4B1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{F87A8E26-D6FD-4582-B0A1-B9F53CC7873C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{FA15347A-5A31-4B14-A472-6A1098155FBE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{FA91E009-3EC8-4D15-ABFC-7DB88C5B4CAA}" = protocol=6 | dir=in | app=c:\program files\kmspico\service_kms.exe |
"{FB444F99-E47B-42D9-AEEA-F228361026C2}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 |
"{FE1AC0D0-1EC2-4D54-8D72-06E34CB98D21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF09B6AE-0746-4E97-8DB5-86A45A4EF35C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FF5F5556-6580-4FA5-9BCD-D2C8C458F9B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{391668B0-0F62-4B8E-90A3-4199B57BC377}C:\users\sebastian\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\sebastian\appdata\roaming\spotify\spotify.exe |
"TCP Query User{F48CE642-DC16-4C81-B498-B64DE1CE82CA}C:\users\sebastian\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\sebastian\appdata\roaming\spotify\spotify.exe |
"UDP Query User{6AB07D50-12FD-4CFA-AF5A-50FCC6D906C9}C:\users\sebastian\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\sebastian\appdata\roaming\spotify\spotify.exe |
"UDP Query User{FD714420-32AA-4AB9-9E42-3D515543A9C7}C:\users\sebastian\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\sebastian\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{15B9204E-BA09-485E-8F2C-094AC0077664}" = VAIO Care Recovery
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}" = VCCx64
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4B3EF5E6-9A2C-0A1B-C61C-B1FD444B84BC}" = ccc-utility64
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{553C52C6-993E-47D4-8E49-3097B4BD4969}" = VGClientX64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8157CD7B-6C16-BF51-8373-DBD36C6C7A8C}" = ccc-utility64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FAEBD68-0823-C403-71B0-DF34108D1FEE}" = ccc-utility64
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013
"{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{92907606-B2FC-4193-B0CE-A21159DA3ABB}" = VAIO Care
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel(R) Rapid Storage Technology
"{A32D8EB3-5DED-843A-EEC1-EF101DFADD77}" = AMD Accelerated Video Transcoding
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}" = Networkx64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B93C07D4-49FF-440D-8A6A-054A42AEA960}" = Store App Support Utility
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DE90F622-B4DB-D4D2-A571-AF747688C02E}" = AMD Catalyst Install Manager
"{E7ACB435-E0B4-4770-77DE-ED38887CD133}" = AMD Fuel
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"3474A1290735048672AEA82C2CD0D7B80668F793" = Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net (08/07/2013 10.0.0.263)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.71
"FF9ECD00DD25FDB7D3208607214790302878ACBE" = Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260)
"KMSpico_is1" = KMSpico v9.2.3
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"Start8_is1" = Stardock Start8
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{00B7EC6D-2AE0-817B-89A2-21BE989592BF}" = CCC Help Norwegian
"{070232F8-068B-1FF6-B5C4-F8F38E09C7E1}" = CCC Help Turkish
"{104DE091-6C4F-C5A9-F619-5D6C965A0296}" = CCC Help Chinese Traditional
"{11080B08-36F8-A1D0-645B-7826AFAE62F6}" = CCC Help Finnish
"{1308267E-CA6E-BE54-696D-AE514DD9B9FE}" = CCC Help Chinese Traditional
"{141D9F93-938F-7EB1-DBC1-002AEB3F32FF}" = CCC Help Italian
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{16CA3FD1-8997-28BA-ECBE-1CC526BDB125}" = CCC Help English
"{196D3224-B988-51DB-F02A-C9D2B1D722D1}" = Catalyst Control Center InstallProxy
"{19AD5AC4-79A4-AA10-C2F9-E0FB1EC81401}" = CCC Help Turkish
"{1DDB1F9C-348B-F012-C8AB-69FF7CBE62DB}" = CCC Help Chinese Traditional
"{2165FFC4-A699-7563-A5FA-A3EFFD898008}" = CCC Help Dutch
"{22AE4B0E-063B-BD6D-10CD-B63294D587EF}" = Catalyst Control Center Localization All
"{246408AB-5FDB-4100-1A9E-EC30B3D17FA2}" = CCC Help Thai
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.22
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{285C9F30-3BF8-697B-BD1D-353435E94B78}" = CCC Help Hungarian
"{29967A7C-6E18-91CD-BBE4-9C09F401E950}" = CCC Help Italian
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2B983AF6-FA96-8AC3-829E-198280682F24}" = CCC Help Greek
"{33A35F00-D178-A59C-6E99-F413763997CE}" = CCC Help Hungarian
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{3822A80C-D936-55A5-087D-B305A848A5CE}" = CCC Help Korean
"{38D9AE26-95FF-B2C9-39E2-C88413B29E33}" = CCC Help Turkish
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3C2DC90D-BCA4-381D-960A-08B3B4F7C331}" = CCC Help English
"{3E998A72-6AB5-4919-B75E-C1E8A41889C8}" = Catalyst Control Center - Branding
"{41E6584F-41E4-22F0-F65A-63A83F974F06}" = CCC Help Japanese
"{44C1D896-8E1A-FE89-E5FE-974A7AE20A98}" = CCC Help Czech
"{460CC00A-4971-7D2D-AF1C-4545D6A6FC6C}" = CCC Help Hungarian
"{46D73695-AD4F-2FFB-6AEA-F3A0804C3935}" = AMD Catalyst Control Center
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A76DD24-848F-A53E-4776-E4BC412D2BF8}" = CCC Help Chinese Standard
"{4F439C2B-B8F5-D44D-F8BF-72A5905515A0}" = CCC Help Greek
"{517CC397-B22F-4593-8DCB-DE72CC541E9A}" = League of Legends
"{54D05374-2428-7BE0-58CD-CE8031163DE6}" = CCC Help Russian
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5919E98A-4FDD-811B-5827-956E5AD213E1}" = CCC Help Spanish
"{595700EB-E84D-4F4F-552E-736E307417EC}" = CCC Help Swedish
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5C6AFE98-08BF-086A-300D-18F77D284966}" = CCC Help Swedish
"{5C757800-27E8-2AE3-889A-8B959AE689F8}" = CCC Help Japanese
"{5D2B5E19-C333-4519-3D32-AAB8EEE9ACA4}" = AMD Catalyst Control Center
"{5D3EC645-B957-36A1-068A-FE8450963669}" = CCC Help Spanish
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{61B90A4D-8CC9-2FED-2495-AC8C9467C984}" = CCC Help Norwegian
"{624A9E6C-2A26-4A18-8A9B-9D0EA6945355}" = Catalyst Control Center - Branding
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6808CCB2-E424-2DCD-643F-E8631A86973D}" = CCC Help Chinese Standard
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{70722849-D265-F79C-B646-ED8CA851455D}" = CCC Help Russian
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76435A97-DD34-6208-23BB-7DEBA5F85A59}" = CCC Help French
"{7C5B13DA-6A68-86C7-ED29-610CA0F49555}" = CCC Help French
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{80680785-2EE1-053F-9CD3-4B2C904596EE}" = Catalyst Control Center InstallProxy
"{82737832-7A30-929B-568B-9FE35516B9FA}" = CCC Help Russian
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8440D2CB-34C0-344B-4C4C-CE65AF8CB431}" = CCC Help Korean
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{88E62861-DF18-F361-935F-C249D4CEEE8C}" = Catalyst Control Center Graphics Previews Common
"{8B8EE0D6-0103-9FE2-FF12-3F50E787C010}" = CCC Help Swedish
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{92ED0399-048F-39DF-61C7-96752A40F776}" = CCC Help Portuguese
"{95B8F519-8C35-9010-A63C-51B3E0EE8D4E}" = CCC Help Dutch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A3806AB7-AB46-7672-A825-F9AE0DE6910A}" = CCC Help Finnish
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{A872F371-4130-3775-C03B-9C8631A01019}" = Catalyst Control Center Graphics Previews Common
"{A8D887AD-4791-B75A-98CE-05A8035B29F6}" = CCC Help Polish
"{A929D11F-D0FC-FC99-1D33-529913277565}" = CCC Help Danish
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{ABAA111A-CAF7-F50F-5DA5-2797514D6876}" = CCC Help German
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{AFB3EA06-A755-0DA9-5502-F559F47E82A4}" = CCC Help Italian
"{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}" = VCCx86
"{B079957C-3276-4B9F-DB08-D1CA8C090D9E}" = CCC Help Greek
"{B12BE177-DC00-5746-3AB9-91CD090AF555}" = Catalyst Control Center Localization All
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO CPU-Lüfterdiagnose
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BF5509A0-250A-25EA-0C19-61505E9EBA13}" = CCC Help Chinese Standard
"{C080BCD8-0C82-E540-A5F3-E6DE4D00265A}" = CCC Help Thai
"{C2C88907-9F1F-F1C2-BA4F-B027D6DC382D}" = CCC Help Polish
"{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}" = VAIO Movie Creator
"{C4B862BC-6429-7520-3DEF-7C7E9541CFAB}" = CCC Help French
"{C4EE2BA3-EEA5-9650-86E0-0405ECA5C22C}" = CCC Help Thai
"{C5DF4215-FDE0-95DF-FF35-A69A84D98875}" = CCC Help Portuguese
"{C69EA753-0D3F-E48B-8C98-7F6310DC29B8}" = CCC Help German
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C7328E5C-1D13-5EA6-CCDF-27FDF6951345}" = Catalyst Control Center Localization All
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CEC252BD-EED3-DB13-CBE4-06C5927F2BC2}" = CCC Help Czech
"{D0DA051C-3935-A9E8-99ED-E6BCE40BD0AA}" = CCC Help Spanish
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}" = Adobe Photoshop CC 2014
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{DB6006BA-EA18-42AE-BD12-9EDBD6CC182B}" = CCC Help Norwegian
"{E92A5DD8-5FDE-3CA5-9E4C-45DF9A3D143A}" = CCC Help Japanese
"{EB766D4A-C56C-946D-F74D-43C78FE4521E}" = CCC Help Korean
"{EBAA5868-9F0E-EDD2-7742-88416B2C4729}" = CCC Help Danish
"{EBED42ED-3BD3-C128-1EDB-8F9A9D4301F3}" = CCC Help Dutch
"{EC153498-00E1-4C9C-89BE-81527C6750BE}" = VAIO Care-Hardwarediagnose-Plugin
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{ED0D7699-1943-0C29-7465-6530F8DE2DA2}" = CCC Help Polish
"{EDA5BB56-AAF4-6889-AD8E-E25A17BD140B}" = CCC Help Czech
"{EDC86DEE-8706-5B02-1EE9-3BD7E3F651A8}" = CCC Help German
"{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}" = XperiaLinkx86
"{EEF14371-2D24-5A2D-0EF2-22010DB4CFA6}" = CCC Help Danish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F88041DA-1882-C40E-BEF0-96A8483EC9E2}" = CCC Help Finnish
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FDD69799-37B2-9ACE-F70C-ABD1F96FD04C}" = CCC Help Portuguese
"{FDF2FE33-426D-45C2-4E70-76C162F1B790}" = CCC Help English
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Battle.net" = Battle.net
"DAEMON Tools Lite" = DAEMON Tools Lite
"Hearthstone" = Hearthstone
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}" = VAIO Movie Creator
"League of Legends 3.0.1" = League of Legends
"Mozilla Firefox 33.1 (x86 de)" = Mozilla Firefox 33.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"StarCraft II" = StarCraft II
"WUCCCApp" = Catalyst Control Center
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.10.2014 15:28:50 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.1.0.0,
Zeitstempel: 0x5313ef48 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00007ffdd7c20399
ID
des fehlerhaften Prozesses: 0x79c Startzeit der fehlerhaften Anwendung: 0x01cff152f6dd51be
Pfad
der fehlerhaften Anwendung: C:\Program Files\KMSpico\Service_KMS.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: 4fd5793e-5d46-11e4-be80-083e8ed0eb4c Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 26.10.2014 19:45:00 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.1.0.0,
Zeitstempel: 0x5313ef48 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00007ffb6fdc0399
ID
des fehlerhaften Prozesses: 0x7bc Startzeit der fehlerhaften Anwendung: 0x01cff176bbe7c950
Pfad
der fehlerhaften Anwendung: C:\Program Files\KMSpico\Service_KMS.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: 193194a7-5d6a-11e4-be81-083e8ed0eb4c Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 27.10.2014 06:44:38 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.1.0.0,
Zeitstempel: 0x5313ef48 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00007fff93e60399
ID
des fehlerhaften Prozesses: 0x768 Startzeit der fehlerhaften Anwendung: 0x01cff1d2f2096bd8
Pfad
der fehlerhaften Anwendung: C:\Program Files\KMSpico\Service_KMS.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: 3f0a2a34-5dc6-11e4-be82-083e8ed0eb4c Vollständiger
Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket
ist:
Error - 06.11.2014 05:38:31 | Computer Name = VAIO | Source = SampleCollector | ID = 131331
Description = init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess
verwendet wird.
Error - 09.11.2014 01:43:15 | Computer Name = VAIO | Source = SampleCollector | ID = 131331
Description = init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess
verwendet wird.
Error - 11.11.2014 08:20:40 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0,
Zeitstempel: 0x4e65c1ac Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.8428,
Zeitstempel: 0x520b1060 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00012f4b ID des fehlerhaften
Prozesses: 0x19d0 Startzeit der fehlerhaften Anwendung: 0x01cffda9e7737a0f Pfad der
fehlerhaften Anwendung: C:\Gamez\LOL\RADS\system\rads_user_kernel.exe Pfad des fehlerhaften
Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\MSVCR80.dll
Berichtskennung:
25c4b59b-699d-11e4-be83-083e8ed0eb4c Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 11.11.2014 08:20:51 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0,
Zeitstempel: 0x4e65c1ac Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.8428,
Zeitstempel: 0x520b1060 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00012f4b ID des fehlerhaften
Prozesses: 0x97c Startzeit der fehlerhaften Anwendung: 0x01cffda9eeedfd23 Pfad der
fehlerhaften Anwendung: C:\Gamez\LOL\RADS\system\rads_user_kernel.exe Pfad des fehlerhaften
Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\MSVCR80.dll
Berichtskennung:
2ca5215a-699d-11e4-be83-083e8ed0eb4c Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 11.11.2014 08:20:59 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0,
Zeitstempel: 0x4e65c1ac Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.8428,
Zeitstempel: 0x520b1060 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00012f4b ID des fehlerhaften
Prozesses: 0x1fe8 Startzeit der fehlerhaften Anwendung: 0x01cffda9f3c84feb Pfad der
fehlerhaften Anwendung: C:\Gamez\LOL\RADS\system\rads_user_kernel.exe Pfad des fehlerhaften
Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\MSVCR80.dll
Berichtskennung:
31820e46-699d-11e4-be83-083e8ed0eb4c Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 11.11.2014 08:23:41 | Computer Name = VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0,
Zeitstempel: 0x4e65c1ac Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.8428,
Zeitstempel: 0x520b1060 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00012f4b ID des fehlerhaften
Prozesses: 0x12e8 Startzeit der fehlerhaften Anwendung: 0x01cffdaa53a92c8c Pfad der
fehlerhaften Anwendung: C:\Gamez\LOL\RADS\system\rads_user_kernel.exe Pfad des fehlerhaften
Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\MSVCR80.dll
Berichtskennung:
9213760b-699d-11e4-be84-083e8ed0eb4c Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error - 13.11.2014 10:16:45 | Computer Name = VAIO | Source = SampleCollector | ID = 131331
Description = init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20:
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess
verwendet wird.
[ ESRV_SVC Events ]
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
Error - 11.11.2014 08:21:43 | Computer Name = VAIO | Source = ESRV_SVC | ID = 2
Description =
[ System Events ]
Error - 09.11.2014 08:16:02 | Computer Name = VAIO | Source = bowser | ID = 8016
Description =
Error - 10.11.2014 01:30:08 | Computer Name = VAIO | Source = DCOM | ID = 10010
Description =
Error - 10.11.2014 01:31:13 | Computer Name = VAIO | Source = DCOM | ID = 10010
Description =
Error - 10.11.2014 01:31:43 | Computer Name = VAIO | Source = DCOM | ID = 10010
Description =
Error - 11.11.2014 06:02:40 | Computer Name = VAIO | Source = bowser | ID = 8016
Description =
Error - 11.11.2014 08:23:12 | Computer Name = VAIO | Source = Service Control Manager | ID = 7034
Description = Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 11.11.2014 08:23:40 | Computer Name = VAIO | Source = bowser | ID = 8016
Description =
Error - 11.11.2014 08:50:07 | Computer Name = VAIO | Source = DCOM | ID = 10010
Description =
Error - 12.11.2014 08:16:07 | Computer Name = VAIO | Source = DCOM | ID = 10010
Description =
Error - 12.11.2014 08:16:37 | Computer Name = VAIO | Source = DCOM | ID = 10010
Description =
< End of report >
OTL logfile created on: 21.11.2014 00:27:32 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sebastian\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17416) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,95 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 66,06% Memory free 5,07 Gb Paging File | 3,06 Gb Available in Paging File | 60,36% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 565,87 Gb Total Space | 502,91 Gb Free Space | 88,87% Space Free | Partition Type: NTFS Computer Name: VAIO | User Name: Sebastian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014.11.21 00:05:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sebastian\Downloads\OTL.exe PRC - [2014.10.26 16:45:55 | 001,420,552 | ---- | M] (FNet Co., Ltd.) -- C:\ProgramData\AutoStarter\AutoStarter.exe PRC - [2014.06.27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2014.06.24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2014.06.24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2014.06.19 00:50:18 | 000,143,288 | ---- | M] (Stardock Software, Inc) -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe PRC - [2014.04.25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2014.02.27 22:12:22 | 000,893,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe PRC - [2014.02.20 14:34:44 | 000,060,504 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe PRC - [2013.11.28 22:14:12 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2013.08.07 13:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2013.08.07 13:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2012.08.18 04:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe PRC - [2012.08.18 04:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe PRC - [2012.08.17 23:04:28 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe PRC - [2012.08.06 18:54:48 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.08.06 18:53:51 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.08.06 18:52:02 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012.08.06 18:43:50 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2012.06.08 04:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe ========== Modules (No Company Name) ========== MOD - [2014.05.13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl MOD - [2014.05.13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2014.05.13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2012.06.08 10:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll MOD - [2012.06.08 04:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ========== Services (SafeList) ========== SRV:64bit: - [2014.10.31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2014.10.07 02:54:27 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2014.09.24 07:49:50 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:64bit: - [2014.09.24 07:34:09 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:64bit: - [2014.09.24 07:34:08 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2014.09.24 07:24:02 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:64bit: - [2014.09.24 07:18:42 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2014.09.24 07:18:42 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:64bit: - [2014.09.24 07:18:38 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2014.09.24 07:18:36 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2014.09.24 07:18:36 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2014.09.24 07:18:33 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2014.08.16 04:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2014.08.16 01:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2014.08.16 01:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2013.11.19 09:21:08 | 000,266,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:64bit: - [2013.09.26 14:20:36 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2013.08.22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:64bit: - [2013.08.22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2013.08.22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2013.08.22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2013.08.22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2013.08.22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:64bit: - [2013.08.22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:64bit: - [2013.08.22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:64bit: - [2013.08.22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2013.08.22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2013.08.22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2013.08.22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:64bit: - [2013.08.22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2013.08.22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2013.08.22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV - [2014.11.11 20:57:31 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014.11.10 17:08:31 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014.09.24 07:49:49 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2014.08.16 04:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2014.06.19 00:50:18 | 000,143,288 | ---- | M] (Stardock Software, Inc) [Auto | Running] -- C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe -- (Start8) SRV - [2014.04.03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2014.03.02 21:58:08 | 000,977,088 | ---- | M] () [Auto | Stopped] -- C:\Programme\KMSpico\Service_KMS.exe -- (Service KMSELDI) SRV - [2014.02.28 16:05:06 | 001,642,544 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent) SRV - [2014.02.20 14:34:44 | 000,060,504 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2014.01.23 08:04:54 | 000,178,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose64) SRV - [2013.11.28 22:38:34 | 000,318,592 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2013.11.28 22:14:12 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent) SRV - [2013.11.19 09:21:08 | 000,377,768 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Care\ESRV\esrv_svc.exe -- (USER_ESRV_SVC) SRV - [2013.11.19 09:21:08 | 000,377,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Care\ESRV\esrv_svc.exe -- (ESRV_SVC) SRV - [2013.10.16 12:29:30 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe -- (McComponentHostServiceSony) SRV - [2013.09.28 03:45:04 | 000,625,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport) SRV - [2013.08.22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2013.08.22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2013.08.07 13:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012.11.07 16:13:06 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2012.10.15 16:08:18 | 000,461,024 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2012.10.15 16:08:18 | 000,078,560 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2012.10.15 16:08:12 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2012.08.18 04:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service) SRV - [2012.08.06 18:54:48 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.08.06 18:53:51 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.08.06 18:52:02 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012.08.06 18:43:50 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2012.07.19 17:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2012.04.20 13:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2011.12.01 09:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2014.10.26 17:47:13 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2014.10.26 16:45:54 | 000,037,128 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETVDDA.SYS -- (FNETVDDA) DRV:64bit: - [2014.10.26 16:45:23 | 000,016,648 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX) DRV:64bit: - [2014.10.24 13:12:22 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys -- (semav6thermal64ro) DRV:64bit: - [2014.10.23 19:41:22 | 000,599,240 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2014.10.10 02:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2014.09.24 08:07:45 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2014.09.24 07:34:14 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:64bit: - [2014.09.24 07:34:09 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2014.09.24 07:34:08 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:64bit: - [2014.09.24 07:23:55 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2014.09.24 07:23:53 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2014.09.24 07:23:53 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2014.09.24 07:18:37 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS) DRV:64bit: - [2014.09.24 07:18:34 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:64bit: - [2014.09.24 07:18:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2014.09.24 07:18:24 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2014.09.24 07:18:24 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2014.09.24 07:18:24 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:64bit: - [2014.09.24 07:18:24 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2014.09.24 07:18:24 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:64bit: - [2014.09.24 07:18:24 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2014.09.24 07:18:24 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:64bit: - [2014.09.24 07:18:24 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:64bit: - [2014.09.24 07:18:24 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2014.09.24 07:00:21 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2014.09.22 04:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2014.09.22 04:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:64bit: - [2014.09.22 03:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2014.08.15 01:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2014.03.20 05:40:52 | 000,359,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2013.12.02 07:11:42 | 003,837,440 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr) DRV:64bit: - [2013.11.28 22:16:18 | 000,428,488 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_vdp.sys -- (BTATH_VDP) DRV:64bit: - [2013.11.28 22:16:18 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2013.11.28 22:16:18 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2013.11.28 22:16:18 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2013.11.28 22:16:18 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:64bit: - [2013.11.28 22:16:18 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2013.11.28 22:16:18 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2013.11.28 22:16:18 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2013.09.26 14:21:56 | 000,138,240 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService) DRV:64bit: - [2013.09.26 14:20:42 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2013.09.26 14:20:40 | 012,521,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2013.08.22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:64bit: - [2013.08.22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2013.08.22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:64bit: - [2013.08.22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2013.08.22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2013.08.22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2013.08.22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2013.08.22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2013.08.22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2013.08.22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2013.08.22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2013.08.22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:64bit: - [2013.08.22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:64bit: - [2013.08.22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2013.08.22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2013.08.22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:64bit: - [2013.08.22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2013.08.22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2013.08.22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2013.08.22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2013.08.22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2013.08.22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2013.08.22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2013.08.22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:64bit: - [2013.08.22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2013.08.22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2013.08.22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:64bit: - [2013.08.22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:64bit: - [2013.08.22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2013.08.22 12:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2013.08.22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:64bit: - [2013.08.22 12:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:64bit: - [2013.08.22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2013.08.22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2013.08.22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2013.08.22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2013.08.22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2013.08.22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013.08.22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2013.08.22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2013.08.22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2013.08.22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2013.08.22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) |
|
21.11.2014, 11:14
| #4 |
| | Internetverbindung extem langsam! DRV:64bit: - [2013.08.22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2013.08.22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2013.08.22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2013.08.22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2013.08.22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2013.08.22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:64bit: - [2013.08.22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:64bit: - [2013.08.22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2013.08.22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2013.08.22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2013.08.13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:64bit: - [2013.08.10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:64bit: - [2013.08.07 13:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2013.07.30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:64bit: - [2013.07.25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:64bit: - [2013.06.18 15:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168) DRV:64bit: - [2012.09.27 07:59:24 | 000,457,528 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2012.09.27 07:59:24 | 000,044,344 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI) DRV:64bit: - [2012.08.06 18:48:09 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.07.11 13:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2012.06.25 09:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV:64bit: - [2012.06.11 03:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sows.sys -- (SOWS) DRV:64bit: - [2011.05.18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = CountrySelector - Sony [binary data] IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = CountrySelector - Sony [binary data] IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\..\SearchScopes,DefaultScope = {18BF72F4-3FB1-447B-B92E-D199D0022304} IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\..\SearchScopes\{18BF72F4-3FB1-447B-B92E-D199D0022304}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\..\SearchScopes\{E7A33EE5-C75B-419B-8666-3E26280BC22A}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms} IE - HKU\S-1-5-21-3682838677-2340648440-811510088-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: %7Bc0c588b6-b11d-4898-af00-079fed05aa32%7D:33.4 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.11.10 17:08:19 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.11.10 17:08:19 | 000,000,000 | ---D | M] [2014.10.26 16:38:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebastian\AppData\Roaming\mozilla\Extensions [2014.11.12 02:08:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sebastian\AppData\Roaming\mozilla\Firefox\Profiles\u63y4025.default\extensions [2014.11.01 04:28:49 | 000,271,861 | ---- | M] () (No name found) -- C:\Users\Sebastian\AppData\Roaming\mozilla\firefox\profiles\u63y4025.default\extensions\{7CA9CF31-1C73-46CD-8377-85AB71EA771F}.xpi [2014.11.12 02:08:22 | 002,704,860 | ---- | M] () (No name found) -- C:\Users\Sebastian\AppData\Roaming\mozilla\firefox\profiles\u63y4025.default\extensions\{c0c588b6-b11d-4898-af00-079fed05aa32}.xpi [2014.11.09 02:00:57 | 000,556,288 | ---- | M] () (No name found) -- C:\Users\Sebastian\AppData\Roaming\mozilla\firefox\profiles\u63y4025.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014.11.10 17:08:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2014.11.10 17:08:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014.01.21 20:07:48 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll O1 HOSTS File: ([2013.08.22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AutoStarter] C:\ProgramData\AutoStarter\AutoStarter.exe (FNet Co., Ltd.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-3682838677-2340648440-811510088-1001..\Run: [BrowserChoice] C:\Windows\BrowserChoice\browserchoice.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3682838677-2340648440-811510088-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKU\S-1-5-21-3682838677-2340648440-811510088-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKU\S-1-5-21-3682838677-2340648440-811510088-1001..\Run: [Spotify] C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) O4 - HKU\S-1-5-21-3682838677-2340648440-811510088-1001..\Run: [Spotify Web Helper] C:\Users\Sebastian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: Amazon! - {c0e8ae32-0758-4c8d-ab71-23b361fe8964} - C:\Users\SEBAST~1\AppData\Local\Temp\ie_script.htmWARE\Microsoft\Windows NT\CurrentVersion\Windows File not found O9 - Extra 'Tools' menuitem : Amazon! - {c0e8ae32-0758-4c8d-ab71-23b361fe8964} - C:\Users\SEBAST~1\AppData\Local\Temp\ie_script.htmWARE\Microsoft\Windows NT\CurrentVersion\Windows File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{784DAAF2-8073-4357-9DFC-2793A243F585}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C18D62EF-7EAB-4525-AC40-5123DBD54164}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\application/x-mfe-ipt - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{89cf8c5d-5d2d-11e4-be7d-083e8ed0eb4c}\Shell - "" = AutoRun O33 - MountPoints2\{89cf8c5d-5d2d-11e4-be7d-083e8ed0eb4c}\Shell\AutoRun\command - "" = "E:\Office.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {78E345F7-E976-3595-9C30-2458D6A8EC32} - .NET Framework ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - U ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EC43E638-09F0-38CC-A585-72FCCDDF035C} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2014.11.20 16:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2014.11.20 16:18:24 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe [2014.11.20 16:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2014.11.20 16:18:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2014.11.20 15:16:58 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Diagnostics [2014.11.14 00:16:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014.11.14 00:00:29 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll [2014.11.14 00:00:26 | 000,258,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys [2014.11.14 00:00:26 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys [2014.11.14 00:00:25 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys [2014.11.14 00:00:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll [2014.11.14 00:00:24 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll [2014.11.13 23:59:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll [2014.11.13 23:59:51 | 000,104,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll [2014.11.13 23:59:51 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll [2014.11.13 23:59:29 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2014.11.13 23:59:29 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll [2014.11.13 23:59:29 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll [2014.11.13 23:59:28 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll [2014.11.13 23:59:27 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll [2014.11.13 23:59:27 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll [2014.11.13 23:59:27 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll [2014.11.13 23:59:27 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll [2014.11.13 23:59:27 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll [2014.11.13 23:59:27 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys [2014.11.13 23:59:26 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll [2014.11.13 23:58:36 | 000,789,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll [2014.11.13 23:58:34 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2014.11.13 23:58:33 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2014.11.13 23:58:32 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2014.11.13 23:58:32 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll [2014.11.13 23:58:31 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll [2014.11.13 23:58:31 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe [2014.11.13 23:58:21 | 001,714,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll [2014.11.13 23:58:21 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll [2014.11.13 23:58:21 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll [2014.11.13 23:58:20 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll [2014.11.13 23:58:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll [2014.11.13 23:58:20 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll [2014.11.13 23:58:20 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll [2014.11.13 23:58:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll [2014.11.13 23:58:20 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll [2014.11.13 23:58:20 | 000,055,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe [2014.11.13 23:58:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll [2014.11.13 23:58:20 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe [2014.11.13 23:58:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe [2014.11.13 23:58:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll [2014.11.13 23:58:19 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll [2014.11.13 23:55:38 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2014.11.13 23:55:26 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2014.11.13 23:55:24 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll [2014.11.13 23:55:24 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll [2014.11.13 23:55:24 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll [2014.11.13 23:55:23 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll [2014.11.13 23:55:22 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2014.11.13 23:55:22 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2014.11.13 23:55:21 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll [2014.11.13 23:55:21 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll [2014.11.13 23:55:20 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl [2014.11.13 23:55:20 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll [2014.11.13 23:55:20 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll [2014.11.13 23:55:20 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll [2014.11.13 23:55:19 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl [2014.11.13 23:55:19 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll [2014.11.13 23:55:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll [2014.11.13 23:55:14 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec [2014.11.13 23:55:14 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll [2014.11.13 23:55:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2014.11.13 23:55:13 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll [2014.11.13 23:55:13 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll [2014.11.13 23:55:13 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe [2014.11.13 23:55:13 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe [2014.11.13 23:55:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll [2014.11.13 23:55:13 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll [2014.11.13 23:55:13 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll [2014.11.13 23:55:12 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe [2014.11.13 23:55:11 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec [2014.11.13 23:55:11 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll [2014.11.13 23:55:11 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll [2014.11.13 23:55:11 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll [2014.11.13 23:55:11 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx [2014.11.13 23:55:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll [2014.11.13 23:55:11 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx [2014.11.13 23:55:10 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe [2014.11.13 23:55:10 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll [2014.11.13 23:55:10 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll [2014.11.13 23:55:10 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll [2014.11.13 23:55:10 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll [2014.11.13 23:55:10 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll [2014.11.13 23:55:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll [2014.11.13 23:55:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll [2014.11.13 23:55:09 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll [2014.11.13 23:55:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll [2014.11.13 23:55:08 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll [2014.11.13 23:55:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll [2014.11.13 23:55:03 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll [2014.11.13 23:54:59 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll [2014.11.13 23:54:59 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll [2014.11.13 23:54:59 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe [2014.11.13 23:54:59 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe [2014.11.13 23:54:59 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll [2014.11.13 23:54:59 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2014.11.13 23:54:59 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll [2014.11.13 23:54:59 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2014.11.13 23:54:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2014.11.13 23:54:59 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll [2014.11.13 23:54:58 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe [2014.11.13 23:54:58 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2014.11.13 23:54:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe [2014.11.13 23:54:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe [2014.11.13 23:54:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe [2014.11.13 23:53:41 | 000,500,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll [2014.11.13 23:53:41 | 000,394,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll [2014.11.13 23:53:40 | 000,482,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll [2014.11.13 23:53:40 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll [2014.11.13 23:53:40 | 000,272,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe [2014.11.13 23:53:39 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll [2014.11.13 23:53:39 | 000,108,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll [2014.11.13 23:53:37 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll [2014.11.13 23:53:35 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll [2014.11.12 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\Documents\Tom-Finn [2014.11.11 13:20:46 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\CrashDumps [2014.11.10 17:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014.11.05 23:07:12 | 000,000,000 | -H-D | C] -- C:\WINDOWS\SysNative\CanonIJ Uninstaller Information [2014.11.05 23:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series [2014.11.05 23:06:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2014.11.05 23:05:38 | 000,361,472 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNMLMAE.DLL [2014.11.03 17:47:41 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\Documents\Benutzerdefinierte Office-Vorlagen [2014.11.03 17:47:10 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\Documents\Schule [2014.10.31 16:49:27 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Skype [2014.10.31 16:49:22 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Skype [2014.10.31 16:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2014.10.31 16:49:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014.10.31 16:49:14 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2014.10.31 16:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2014.10.31 15:32:48 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\LolClient [2014.10.31 14:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games [2014.10.31 14:11:18 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_2.dll [2014.10.31 14:11:18 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_1.dll [2014.10.31 14:11:17 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_39.dll [2014.10.31 14:11:17 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_39.dll [2014.10.31 14:11:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_39.dll [2014.10.31 14:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [2014.10.31 14:07:25 | 000,000,000 | ---D | C] -- C:\Gamez [2014.10.31 14:05:33 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Riot Games [2014.10.27 11:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2014.10.27 11:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2014.10.27 00:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone [2014.10.27 00:52:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hearthstone [2014.10.27 00:50:20 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\Documents\StarCraft II [2014.10.27 00:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2014.10.27 00:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II [2014.10.26 20:43:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2014.10.26 19:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2014.10.26 19:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2014.10.26 19:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2014.10.26 19:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2014.10.26 19:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2014.10.26 18:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico [2014.10.26 18:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\KMSpico [2014.10.26 18:32:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2014.10.26 18:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2014.10.26 18:29:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2014.10.26 18:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2014.10.26 18:27:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH [2014.10.26 18:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2014.10.26 18:25:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2014.10.26 18:25:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2014.10.26 18:24:41 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Microsoft Help [2014.10.26 18:24:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2014.10.26 18:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2014.10.26 18:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2014.10.26 18:04:36 | 000,000,000 | RH-D | C] -- C:\MSOCache [2014.10.26 17:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2014.10.26 17:47:13 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys [2014.10.26 17:47:06 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\DAEMON Tools Lite [2014.10.26 17:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2014.10.26 17:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2014.10.26 17:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2014.10.26 17:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2014.10.26 17:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [2014.10.26 17:22:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net [2014.10.26 17:21:25 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Blizzard Entertainment [2014.10.26 17:21:18 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Battle.net [2014.10.26 17:21:18 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Battle.net [2014.10.26 17:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2014.10.26 17:13:59 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Temp6bb561d87a5a3d49dbb3714fc79d48f3 [2014.10.26 17:13:59 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Temp36bef88897821ed6cf39b95bc4ea20f7 [2014.10.26 17:13:59 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\ChromeExtensions [2014.10.26 17:13:35 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Tempa124de276c05c6fd39c43fc626371a92 [2014.10.26 17:12:05 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Macromedia [2014.10.26 17:06:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2014.10.26 17:06:55 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Atheros [2014.10.26 17:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2014.10.26 16:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2014.10.26 16:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2014.10.26 16:47:19 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Stardock [2014.10.26 16:47:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock [2014.10.26 16:47:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock [2014.10.26 16:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock [2014.10.26 16:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock [2014.10.26 16:45:55 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\FNET [2014.10.26 16:45:54 | 000,037,128 | ---- | C] (FNet Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\FNETVDDA.SYS [2014.10.26 16:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoStarter [2014.10.26 16:45:23 | 000,016,648 | ---- | C] (FNet Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\FNETURPX.SYS [2014.10.26 16:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\FNET [2014.10.26 16:42:54 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Adobe [2014.10.26 16:38:45 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Mozilla [2014.10.26 16:38:45 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Mozilla [2014.10.26 16:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2014.10.26 16:38:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2014.10.26 16:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\QCA_Bluetooth [2014.10.26 16:35:03 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\AppData\Local\EmieUserList [2014.10.26 16:35:03 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\AppData\Local\EmieSiteList [2014.10.25 16:34:09 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2014.10.25 16:23:43 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2014.10.25 16:23:42 | 013,424,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2014.10.25 16:23:30 | 007,484,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2014.10.25 16:23:22 | 002,714,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll [2014.10.25 16:23:15 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2014.10.25 16:23:15 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll [2014.10.25 16:23:13 | 000,836,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll [2014.10.25 16:23:13 | 000,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll [2014.10.25 16:23:13 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2014.10.25 16:23:13 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll [2014.10.25 16:23:13 | 000,474,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys [2014.10.25 16:23:12 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll [2014.10.25 16:23:12 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2014.10.25 16:23:12 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll [2014.10.25 16:23:11 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll [2014.10.25 16:23:11 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll [2014.10.25 16:23:11 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll [2014.10.25 16:23:11 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll [2014.10.25 16:23:11 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll [2014.10.25 16:20:54 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll [2014.10.25 16:20:52 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll [2014.10.25 16:20:52 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2014.10.25 16:20:47 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll [2014.10.25 16:20:44 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll [2014.10.25 16:20:39 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll [2014.10.25 16:20:37 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll [2014.10.25 16:20:32 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll [2014.10.25 16:20:30 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll [2014.10.25 16:20:26 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll [2014.10.25 16:20:24 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll [2014.10.25 16:20:24 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe [2014.10.25 16:20:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe [2014.10.25 16:20:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll [2014.10.25 16:20:23 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2014.10.25 16:20:09 | 002,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2014.10.25 16:20:09 | 002,084,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe [2014.10.25 16:20:09 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll [2014.10.25 16:20:09 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll [2014.10.25 16:20:09 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll [2014.10.25 16:20:02 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll [2014.10.25 16:20:01 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2014.10.25 16:20:01 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll [2014.10.25 16:19:57 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2014.10.25 16:19:53 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll [2014.10.25 16:19:51 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll [2014.10.25 16:19:50 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2014.10.25 16:19:50 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll [2014.10.25 16:19:50 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2014.10.25 16:19:49 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll [2014.10.25 16:19:49 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll [2014.10.25 16:19:49 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll [2014.10.25 16:19:49 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll [2014.10.25 16:19:48 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe [2014.10.25 16:19:48 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll [2014.10.25 16:19:48 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll [2014.10.25 16:19:48 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll [2014.10.25 16:19:48 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll [2014.10.25 16:19:47 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll [2014.10.25 16:19:47 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll [2014.10.25 16:19:47 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll [2014.10.25 16:19:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll [2014.10.25 16:19:46 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2014.10.25 16:19:44 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2014.10.25 16:19:22 | 000,423,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll [2014.10.25 16:19:22 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DaOtpCredentialProvider.dll [2014.10.25 16:19:22 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFHost.exe [2014.10.25 16:19:22 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DaOtpCredentialProvider.dll [2014.10.25 16:19:22 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFPlatform.dll [2014.10.25 16:18:52 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lockscreencn.dll [2014.10.25 16:17:44 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe [2014.10.25 16:17:44 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe [2014.10.25 16:17:21 | 000,146,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys [2014.10.25 16:14:17 | 000,875,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr120_clr0400.dll [2014.10.25 16:14:15 | 000,869,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr120_clr0400.dll [2014.10.25 16:13:11 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll [2014.10.25 16:13:11 | 003,048,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe [2014.10.25 16:13:11 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll [2014.10.25 16:13:10 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll [2014.10.25 16:13:00 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe [2014.10.25 16:10:09 | 000,000,000 | -HSD | C] -- C:\Recovery [2014.10.25 16:08:24 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll [2014.10.25 16:08:24 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll [2014.10.25 16:08:24 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll [2014.10.25 16:08:24 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe [2014.10.25 16:06:54 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll [2014.10.25 16:06:54 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll [2014.10.25 16:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2014.10.25 16:04:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2014.10.25 16:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [2014.10.25 16:03:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer [2014.10.25 16:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2014.10.25 16:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2014.10.25 16:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2014.10.25 16:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2014.10.25 16:03:05 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll [2014.10.25 16:03:05 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll [2014.10.25 16:03:03 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll [2014.10.25 16:03:02 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll [2014.10.25 15:58:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2014.10.25 15:58:38 | 000,098,816 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\OpenVideo64.dll [2014.10.25 15:58:38 | 000,086,528 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\OVDecode64.dll [2014.10.25 15:58:38 | 000,083,456 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\OpenVideo.dll [2014.10.25 15:58:38 | 000,073,216 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\OVDecode.dll [2014.10.25 15:58:37 | 025,387,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atio6axx.dll [2014.10.25 15:58:37 | 021,399,040 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atioglxx.dll [2014.10.25 15:58:37 | 012,521,472 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmdag.sys [2014.10.25 15:58:37 | 006,189,416 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiumdag.dll [2014.10.25 15:58:37 | 006,174,472 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiumdva.dll [2014.10.25 15:58:37 | 000,617,472 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys [2014.10.25 15:58:37 | 000,190,976 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atitmm64.dll [2014.10.25 15:58:37 | 000,127,488 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\coinst_13.151.1.dll [2014.10.25 15:58:37 | 000,125,824 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiuxpag.dll [2014.10.25 15:58:37 | 000,097,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiu9pag.dll [2014.10.25 15:58:37 | 000,096,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atigktxx.dll [2014.10.25 15:58:37 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atimpc64.dll [2014.10.25 15:58:37 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atimpc32.dll [2014.10.25 15:58:37 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiglpxx.dll [2014.10.25 15:58:37 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiglpxx.dll [2014.10.25 15:58:37 | 000,026,112 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atimuixx.dll [2014.10.25 15:58:36 | 028,192,768 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\amdocl64.dll [2014.10.25 15:58:36 | 023,761,408 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\amdocl.dll [2014.10.25 15:58:36 | 015,716,352 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticaldd64.dll [2014.10.25 15:58:36 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticaldd.dll [2014.10.25 15:58:36 | 007,673,640 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atidxx32.dll [2014.10.25 15:58:36 | 001,027,544 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\aticfx32.dll [2014.10.25 15:58:36 | 000,595,456 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atiadlxy.dll [2014.10.25 15:58:36 | 000,571,904 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atieclxx.exe [2014.10.25 15:58:36 | 000,368,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atiapfxx.exe [2014.10.25 15:58:36 | 000,239,616 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atiesrxx.exe [2014.10.25 15:58:36 | 000,100,352 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atig6txx.dll [2014.10.25 15:58:36 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdpcom64.dll [2014.10.25 15:58:36 | 000,075,264 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atig6pxx.dll [2014.10.25 15:58:36 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdpcom32.dll [2014.10.25 15:58:36 | 000,063,488 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll [2014.10.25 15:58:36 | 000,062,464 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticalrt64.dll [2014.10.25 15:58:36 | 000,057,344 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll [2014.10.25 15:58:36 | 000,055,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticalcl64.dll [2014.10.25 15:58:36 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalrt.dll [2014.10.25 15:58:36 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalcl.dll [2014.10.25 15:58:36 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\ati2erec.dll [2014.10.25 15:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2014.10.25 15:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2014.10.25 15:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Atheros [2014.10.25 15:42:42 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Identities [2014.10.25 15:22:32 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\AppData\Local\Verlauf [2014.10.25 15:22:32 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\AppData\Local\Temporary Internet Files [2014.10.25 15:22:32 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Lokale Einstellungen [2014.10.25 15:22:32 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Cookies [2014.10.25 15:22:32 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\AppData\Local\Anwendungsdaten [2014.10.25 15:22:31 | 000,000,000 | --SD | C] -- C:\Users\Sebastian\AppData\Roaming\Microsoft [2014.10.25 15:22:31 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2014.10.25 15:22:31 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Favorites [2014.10.25 15:22:31 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Documents [2014.10.25 15:22:31 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Desktop [2014.10.25 15:22:31 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2014.10.25 15:22:31 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Vorlagen [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Startmenü [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\SendTo [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Recent [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Netzwerkumgebung [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Documents\Eigene Videos [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Documents\Eigene Musik [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Eigene Dateien [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Documents\Eigene Bilder [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Druckumgebung [2014.10.25 15:22:31 | 000,000,000 | -HSD | C] -- C:\Users\Sebastian\Anwendungsdaten [2014.10.25 15:22:31 | 000,000,000 | -H-D | C] -- C:\Users\Sebastian\AppData [2014.10.25 15:22:31 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Temp [2014.10.25 15:22:31 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Microsoft [2014.10.25 15:22:31 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2014.10.25 15:13:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM [2014.10.25 15:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2014.10.25 15:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2014.10.25 15:12:46 | 000,000,000 | ---D | C] -- C:\AMD [2014.10.25 15:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2014.10.25 15:11:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2014.10.24 15:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [2014.10.24 15:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID [2014.10.24 15:35:19 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Programs [2014.10.24 15:14:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT [2014.10.24 14:17:37 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs [2014.10.24 14:17:37 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs [2014.10.24 13:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite [2014.10.24 13:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Corporation [2014.10.24 13:44:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2014.10.24 13:31:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD [2014.10.24 13:27:39 | 000,000,000 | ---D | C] -- C:\ProgramData\CLSK [2014.10.24 13:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2014.10.24 13:17:13 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\iolo [2014.10.24 13:17:05 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care [2014.10.24 13:09:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sda [2014.10.24 13:09:03 | 000,359,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsPStor.sys [2014.10.24 13:09:01 | 009,889,352 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysWow64\RsCRIcon.dll [2014.10.24 13:08:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2014.10.24 13:06:46 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Intel Corporation [2014.10.24 13:05:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2014.10.24 13:04:48 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\Intel [2014.10.24 12:29:15 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Spotify [2014.10.24 12:28:19 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Spotify [2014.10.24 12:20:52 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Macromedia [2014.10.24 12:09:59 | 000,000,000 | ---D | C] -- C:\Update [2014.10.24 12:07:42 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Sony Corporation [2014.10.24 12:05:36 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\BMExplorer [2014.10.24 12:05:35 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\Documents\Bluetooth Folder [2014.10.24 12:05:14 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\ATI [2014.10.24 12:05:14 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\ATI [2014.10.24 12:04:02 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Power2Go8 [2014.10.24 12:03:50 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2014.10.24 12:03:50 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Searches [2014.10.24 12:03:50 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Contacts [2014.10.24 12:03:50 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2014.10.24 12:03:45 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Adobe [2014.10.24 12:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\VAIO Startup Setting Tool [2014.10.24 12:03:31 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Roaming\Sony Corporation [2014.10.24 12:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2014.10.24 12:02:47 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\VirtualStore [2014.10.24 12:02:40 | 000,000,000 | ---D | C] -- C:\Users\Sebastian\AppData\Local\Packages [2014.10.24 12:02:36 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Videos [2014.10.24 12:02:36 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Saved Games [2014.10.24 12:02:36 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Pictures [2014.10.24 12:02:36 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Music [2014.10.24 12:02:36 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Links [2014.10.24 12:02:36 | 000,000,000 | R--D | C] -- C:\Users\Sebastian\Downloads [2014.10.24 11:59:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2014.10.24 11:59:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2014.10.24 11:59:10 | 000,000,000 | -HSD | C] -- C:\Programme [2014.10.24 11:59:10 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2014.10.24 11:59:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2014.10.24 11:59:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2014.10.24 11:59:10 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2014.10.24 11:59:09 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2014.10.24 11:59:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2014.10.24 11:59:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2014.10.24 11:58:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2014.10.23 19:41:22 | 000,599,240 | ---- | C] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btfilter.sys ========== Files - Modified Within 30 Days ========== [2014.11.20 23:57:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2014.11.20 23:44:49 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014.11.20 16:18:56 | 001,780,340 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2014.11.20 16:18:56 | 000,766,620 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2014.11.20 16:18:56 | 000,723,514 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2014.11.20 16:18:56 | 000,159,902 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2014.11.20 16:18:56 | 000,136,128 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2014.11.20 16:18:33 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2014.11.15 12:55:14 | 000,499,320 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2014.11.15 12:54:05 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2014.11.15 12:54:03 | 3391,746,048 | -HS- | M] () -- C:\hiberfil.sys [2014.11.13 16:56:36 | 000,570,713 | ---- | M] () -- C:\Users\Sebastian\Desktop\Unbenannt.wma [2014.10.31 16:49:16 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2014.10.31 06:12:41 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe [2014.10.31 06:12:05 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe [2014.10.31 06:10:13 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe [2014.10.31 06:09:37 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll [2014.10.31 06:08:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe [2014.10.31 06:06:45 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2014.10.31 06:06:21 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll [2014.10.31 06:06:09 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll [2014.10.31 06:06:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll [2014.10.31 06:05:50 | 000,417,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec [2014.10.31 06:04:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll [2014.10.31 05:56:53 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2014.10.31 05:54:13 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll [2014.10.31 05:53:06 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll [2014.10.31 05:52:22 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll [2014.10.31 05:51:37 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe [2014.10.31 05:51:31 | 000,812,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll [2014.10.31 05:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe [2014.10.31 05:50:44 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll [2014.10.31 05:50:11 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2014.10.31 05:40:07 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll [2014.10.31 05:38:28 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll [2014.10.31 05:30:28 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll [2014.10.31 05:29:50 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll [2014.10.31 05:29:17 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx [2014.10.31 05:28:58 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll [2014.10.31 05:25:24 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll [2014.10.31 05:24:25 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll [2014.10.31 05:23:46 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll [2014.10.31 05:21:30 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll [2014.10.31 05:19:49 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll [2014.10.31 05:05:52 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2014.10.31 05:05:35 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2014.10.31 05:03:02 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl [2014.10.31 04:44:32 | 002,865,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2014.10.31 04:42:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll [2014.10.31 04:28:47 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe [2014.10.31 04:27:26 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe [2014.10.31 04:26:45 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll [2014.10.31 04:25:24 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe [2014.10.31 04:24:23 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2014.10.31 04:24:00 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll [2014.10.31 04:23:37 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll [2014.10.31 04:23:21 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec [2014.10.31 04:22:08 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll [2014.10.31 04:20:27 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll [2014.10.31 04:15:59 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2014.10.31 04:14:25 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll [2014.10.31 04:13:35 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll [2014.10.31 04:12:17 | 000,661,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll [2014.10.31 04:12:17 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe [2014.10.31 04:11:30 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll [2014.10.31 04:03:33 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll [2014.10.31 03:57:20 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll [2014.10.31 03:56:44 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll [2014.10.31 03:56:18 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx [2014.10.31 03:56:08 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll [2014.10.31 03:53:21 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll [2014.10.31 03:52:23 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll [2014.10.31 03:51:02 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll [2014.10.31 03:48:50 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll [2014.10.31 03:39:28 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl [2014.10.31 03:11:30 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll [2014.10.30 01:55:02 | 000,714,208 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2014.10.30 01:55:02 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2014.10.26 18:49:54 | 000,004,608 | ---- | M] () -- C:\WINDOWS\SECOH-QAD.exe [2014.10.26 18:49:54 | 000,003,584 | ---- | M] () -- C:\WINDOWS\SECOH-QAD.dll [2014.10.26 17:47:13 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys [2014.10.26 17:03:40 | 000,001,056 | ---- | M] () -- C:\Users\Sebastian\Desktop\Photoshop.lnk [2014.10.26 16:45:54 | 000,037,128 | ---- | M] (FNet Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\FNETVDDA.SYS [2014.10.26 16:45:23 | 000,016,648 | ---- | M] (FNet Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\FNETURPX.SYS [2014.10.25 16:08:24 | 000,921,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll [2014.10.25 16:08:24 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll [2014.10.25 16:08:24 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll [2014.10.25 16:08:24 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe [2014.10.25 16:06:54 | 000,590,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll [2014.10.25 16:06:54 | 000,514,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll [2014.10.25 15:37:33 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2014.10.25 15:37:33 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2014.10.25 15:37:19 | 000,022,960 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2014.10.25 15:13:33 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job [2014.10.25 15:13:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2014.10.25 15:12:58 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf [2014.10.25 15:12:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin [2014.10.24 16:31:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2014.10.24 13:29:12 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3a.dll [2014.10.24 13:12:22 | 000,013,792 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\semav6thermal64ro.sys [2014.10.24 13:06:58 | 001,774,862 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2014.10.24 12:06:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2014.10.23 19:41:22 | 000,599,240 | ---- | M] (Qualcomm Atheros) -- C:\WINDOWS\SysNative\drivers\btfilter.sys [2014.10.23 06:48:37 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll [2014.10.23 06:05:08 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll ========== Files Created - No Company Name ========== [2014.11.20 16:18:34 | 000,001,363 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2014.11.20 16:18:33 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2014.11.13 16:56:36 | 000,570,713 | ---- | C] () -- C:\Users\Sebastian\Desktop\Unbenannt.wma [2014.10.31 16:49:16 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2014.10.26 18:49:54 | 000,004,608 | ---- | C] () -- C:\WINDOWS\SECOH-QAD.exe [2014.10.26 18:49:54 | 000,003,584 | ---- | C] () -- C:\WINDOWS\SECOH-QAD.dll [2014.10.26 17:03:40 | 000,001,056 | ---- | C] () -- C:\Users\Sebastian\Desktop\Photoshop.lnk [2014.10.26 17:00:58 | 000,001,056 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk [2014.10.26 16:56:24 | 000,001,558 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk [2014.10.26 16:43:26 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2014.10.26 16:38:39 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2014.10.26 16:28:19 | 000,002,143 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk [2014.10.25 16:23:11 | 000,389,176 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2014.10.25 16:20:23 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat [2014.10.25 15:58:37 | 003,422,720 | ---- | C] () -- C:\WINDOWS\SysWow64\atiumdva.cap [2014.10.25 15:58:37 | 003,388,672 | ---- | C] () -- C:\WINDOWS\SysNative\atiumd6a.cap [2014.10.25 15:58:37 | 000,716,208 | ---- | C] () -- C:\WINDOWS\SysNative\atiicdxx.dat [2014.10.25 15:58:37 | 000,233,396 | ---- | C] () -- C:\WINDOWS\SysNative\ativvaxy_cik.dat [2014.10.25 15:58:37 | 000,231,984 | ---- | C] () -- C:\WINDOWS\SysNative\ativvaxy_cik_nd.dat [2014.10.25 15:58:37 | 000,229,376 | ---- | C] () -- C:\WINDOWS\SysNative\clinfo.exe [2014.10.25 15:58:37 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysNative\ativce02.dat [2014.10.25 15:58:37 | 000,047,164 | ---- | C] () -- C:\WINDOWS\atiogl.xml [2014.10.25 15:58:37 | 000,026,936 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsnl.dat [2014.10.25 15:58:37 | 000,026,936 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsnl.dat [2014.10.25 15:58:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsny.dat [2014.10.25 15:58:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsny.dat [2014.10.25 15:58:36 | 000,781,312 | ---- | C] () -- C:\WINDOWS\SysNative\amdmiracast.dll [2014.10.25 15:58:36 | 000,544,656 | ---- | C] () -- C:\WINDOWS\SysWow64\atiapfxx.blb [2014.10.25 15:58:36 | 000,544,656 | ---- | C] () -- C:\WINDOWS\SysNative\atiapfxx.blb [2014.10.25 15:58:36 | 000,134,656 | ---- | C] () -- C:\WINDOWS\SysNative\amdhdl64.dll [2014.10.25 15:58:36 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll [2014.10.25 15:42:51 | 000,001,450 | ---- | C] () -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2014.10.25 15:37:19 | 000,022,960 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2014.10.25 15:26:50 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2014.10.25 15:22:31 | 000,000,369 | ---- | C] () -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk [2014.10.25 15:22:31 | 000,000,369 | ---- | C] () -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk [2014.10.25 15:22:20 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2014.10.25 15:22:20 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2014.10.25 15:13:33 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job [2014.10.25 15:13:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2014.10.25 15:12:58 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf [2014.10.25 15:12:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2014.10.24 16:31:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2014.10.24 15:40:26 | 000,002,811 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Movie Creator.lnk [2014.10.24 14:05:26 | 000,002,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media Server Settings.lnk [2014.10.24 13:17:19 | 000,013,792 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\semav6thermal64ro.sys [2014.10.24 13:17:05 | 000,002,044 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk [2014.10.24 13:06:58 | 001,774,862 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2014.10.24 13:03:57 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xperia Link.lnk [2014.10.24 12:29:14 | 000,001,773 | ---- | C] () -- C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2014.10.24 12:10:43 | 000,000,982 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk [2014.10.24 12:06:01 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2014.10.24 12:03:43 | 000,002,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk [2014.10.24 11:58:36 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2014.10.24 11:58:27 | 3391,746,048 | -HS- | C] () -- C:\hiberfil.sys [2014.09.24 07:18:44 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2014.09.24 07:18:25 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2014.07.21 21:04:58 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat [2014.07.21 21:04:58 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat [2014.07.21 21:04:46 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat [2014.07.21 21:04:04 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe [2014.07.21 21:04:04 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe [2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2013.08.22 00:56:00 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll [2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014.08.31 01:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014.08.30 23:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > DEFOGGER: defogger_disable by jpshortstuff (23.02.10.1) Log created at 00:40 on 21/11/2014 (Sebastian) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Gmer:GMER Logfile: Code:
ATTFilter GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2014-11-21 00:47:22
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002c Hitachi_HTS547564A9E384 rev.JEDOA50B 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\SEBAST~1\AppData\Local\Temp\pxldypog.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960001ac200 15 bytes [00, 28, F6, 01, 80, 1C, 6C, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff960001ac210 11 bytes [00, 0E, FC, FF, 00, 05, C4, ...]
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\atieclxx.exe[4820] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffeff2c169a 4 bytes [2C, FF, FE, 7F]
.text C:\WINDOWS\system32\atieclxx.exe[4820] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffeff2c16a2 4 bytes [2C, FF, FE, 7F]
.text C:\WINDOWS\system32\atieclxx.exe[4820] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffeff2c181a 4 bytes [2C, FF, FE, 7F]
.text C:\WINDOWS\system32\atieclxx.exe[4820] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffeff2c1832 4 bytes [2C, FF, FE, 7F]
.text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[1228] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffef2ce1f6a 4 bytes [CE, F2, FE, 7F]
.text C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe[1228] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffef2ce1f82 4 bytes [CE, F2, FE, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[936] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffeff2c169a 4 bytes [2C, FF, FE, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[936] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffeff2c16a2 4 bytes [2C, FF, FE, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[936] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffeff2c181a 4 bytes [2C, FF, FE, 7F]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[936] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffeff2c1832 4 bytes [2C, FF, FE, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5492] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffeff2c169a 4 bytes [2C, FF, FE, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5492] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffeff2c16a2 4 bytes [2C, FF, FE, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5492] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffeff2c181a 4 bytes [2C, FF, FE, 7F]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[5492] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffeff2c1832 4 bytes [2C, FF, FE, 7F]
.text C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe[5592] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffeff2c169a 4 bytes [2C, FF, FE, 7F]
.text C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe[5592] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffeff2c16a2 4 bytes [2C, FF, FE, 7F]
.text C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe[5592] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffeff2c181a 4 bytes [2C, FF, FE, 7F]
.text C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe[5592] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffeff2c1832 4 bytes [2C, FF, FE, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\svchost.exe [376:4068] 00007ffefa246cb4
Thread C:\WINDOWS\system32\svchost.exe [376:4072] 00007ffeec3915a0
Thread C:\WINDOWS\system32\svchost.exe [376:4076] 00007ffeec3915a0
Thread C:\WINDOWS\system32\svchost.exe [376:5820] 00007ffef8385340
Thread C:\WINDOWS\system32\svchost.exe [376:5992] 00007ffeed5910e0
Thread C:\WINDOWS\system32\svchost.exe [376:752] 00007ffeed4a38e0
Thread C:\WINDOWS\system32\svchost.exe [376:7684] 00007ffed54d1e80
Thread C:\WINDOWS\system32\svchost.exe [956:2628] 00007ffef03c4b04
Thread C:\WINDOWS\system32\svchost.exe [956:5564] 00007ffee7576c08
Thread C:\WINDOWS\system32\svchost.exe [956:5568] 00007ffee7576800
Thread C:\WINDOWS\system32\svchost.exe [956:1976] 00007ffef1a25540
Thread C:\WINDOWS\SysWOW64\DllHost.exe [2120:2148] 0000000074c728f0
Thread C:\WINDOWS\system32\csrss.exe [3384:9048] fffff9600089ab90
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Search results from Spybot - Search & Destroy 21.11.2014 01:16:39 Scan took 00:27:44. 14 items found. DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done) HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\Software\OCS\lastPID DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done) HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\Software\OCS\PID Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done) HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done) HKEY_USERS\S-1-5-21-3682838677-2340648440-811510088-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber Cache: [SBI $49804B54] Browser: Cache (6) (Browser: Cache, nothing done) Verlauf: [SBI $49804B54] Browser: History (8) (Browser: History, nothing done) Cookie: [SBI $49804B54] Browser: Cookie (113) (Browser: Cookie, nothing done) --- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) --- 2014-06-24 blindman.exe (2.4.40.151) 2014-06-24 explorer.exe (2.4.40.181) 2014-06-24 SDBootCD.exe (2.4.40.109) 2014-06-24 SDCleaner.exe (2.4.40.110) 2014-06-24 SDDelFile.exe (2.4.40.94) 2013-06-18 SDDisableProxy.exe 2014-06-24 SDFiles.exe (2.4.40.135) 2014-06-24 SDFileScanHelper.exe (2.4.40.1) 2014-06-24 SDFSSvc.exe (2.4.40.217) 2014-06-24 SDHelp.exe (2.4.40.1) 2014-04-25 SDHookHelper.exe (2.3.39.2) 2014-04-25 SDHookInst32.exe (2.3.39.2) 2014-04-25 SDHookInst64.exe (2.3.39.2) 2014-06-24 SDImmunize.exe (2.4.40.130) 2014-06-24 SDLogReport.exe (2.4.40.107) 2014-06-24 SDOnAccess.exe (2.4.40.11) 2014-06-24 SDPESetup.exe (2.4.40.3) 2014-06-24 SDPEStart.exe (2.4.40.86) 2014-06-24 SDPhoneScan.exe (2.4.40.28) 2014-06-24 SDPRE.exe (2.4.40.22) 2014-06-24 SDPrepPos.exe (2.4.40.15) 2014-06-24 SDQuarantine.exe (2.4.40.103) 2014-06-24 SDRootAlyzer.exe (2.4.40.116) 2014-06-24 SDSBIEdit.exe (2.4.40.39) 2014-06-24 SDScan.exe (2.4.40.181) 2014-06-24 SDScript.exe (2.4.40.54) 2014-06-24 SDSettings.exe (2.4.40.139) 2014-06-24 SDShell.exe (2.4.40.2) 2014-06-24 SDShred.exe (2.4.40.108) 2014-06-24 SDSysRepair.exe (2.4.40.102) 2014-06-24 SDTools.exe (2.4.40.157) 2014-06-24 SDTray.exe (2.4.40.129) 2014-06-27 SDUpdate.exe (2.4.40.94) 2014-06-27 SDUpdSvc.exe (2.4.40.77) 2014-06-24 SDWelcome.exe (2.4.40.130) 2014-04-25 SDWSCSvc.exe (2.3.39.2) 2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0) 2014-07-31 spybotsd2-translation-esx.exe 2013-06-19 spybotsd2-translation-frx.exe 2014-08-25 spybotsd2-translation-hux2.exe 2014-10-01 spybotsd2-translation-nlx2.exe 2014-11-05 spybotsd2-translation-ukx.exe 2014-11-20 unins000.exe (51.1052.0.0) 1999-12-02 xcacls.exe 2012-08-23 borlndmm.dll (10.0.2288.42451) 2012-09-05 DelZip190.dll (1.9.0.107) 2012-09-10 libeay32.dll (1.0.0.4) 2012-09-10 libssl32.dll (1.0.0.4) 2014-04-25 NotificationSpreader.dll 2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98) 2014-04-25 SDAV.dll 2014-06-24 SDECon32.dll (2.4.40.114) 2014-06-24 SDECon64.dll (2.3.39.113) 2014-06-24 SDEvents.dll (2.4.40.2) 2014-06-24 SDFileScanLibrary.dll (2.4.40.14) 2014-04-25 SDHook32.dll (2.3.39.2) 2014-04-25 SDHook64.dll (2.3.39.2) 2014-06-24 SDImmunizeLibrary.dll (2.4.40.2) 2014-06-24 SDLicense.dll (2.4.40.0) 2014-06-24 SDLists.dll (2.4.40.4) 2014-06-24 SDResources.dll (2.4.40.7) 2014-06-24 SDScanLibrary.dll (2.4.40.131) 2014-06-24 SDTasks.dll (2.4.40.15) 2014-06-24 SDWinLogon.dll (2.4.40.0) 2012-08-23 sqlite3.dll 2012-09-10 ssleay32.dll (1.0.0.4) 2014-06-24 Tools.dll (2.4.40.36) 2014-03-05 Includes\Adware-000.sbi (*) 2014-01-08 Includes\Adware-001.sbi (*) 2014-11-19 Includes\Adware-C.sbi (*) 2014-01-13 Includes\Adware.sbi (*) 2014-01-13 Includes\AdwareC.sbi (*) 2010-08-13 Includes\Cookies.sbi (*) 2014-11-14 Includes\Dialer-000.sbi (*) 2014-11-14 Includes\Dialer-001.sbi (*) 2014-01-08 Includes\Dialer-C.sbi (*) 2014-01-13 Includes\Dialer.sbi (*) 2014-01-13 Includes\DialerC.sbi (*) 2014-01-09 Includes\Fraud-000.sbi (*) 2014-01-09 Includes\Fraud-001.sbi (*) 2014-03-31 Includes\Fraud-002.sbi (*) 2014-01-09 Includes\Fraud-003.sbi (*) 2012-11-14 Includes\HeavyDuty.sbi (*) 2014-11-14 Includes\Hijackers-000.sbi (*) 2014-11-14 Includes\Hijackers-001.sbi (*) 2014-01-08 Includes\Hijackers-C.sbi (*) 2014-01-13 Includes\Hijackers.sbi (*) 2014-01-13 Includes\HijackersC.sbi (*) 2014-01-08 Includes\iPhone-000.sbi (*) 2014-01-08 Includes\iPhone.sbi (*) 2014-11-14 Includes\Keyloggers-000.sbi (*) 2014-09-24 Includes\Keyloggers-C.sbi (*) 2014-01-13 Includes\Keyloggers.sbi (*) 2014-01-13 Includes\KeyloggersC.sbi (*) 2014-11-14 Includes\Malware-000.sbi (*) 2014-11-14 Includes\Malware-001.sbi (*) 2014-11-14 Includes\Malware-002.sbi (*) 2014-11-14 Includes\Malware-003.sbi (*) 2014-11-14 Includes\Malware-004.sbi (*) 2014-11-14 Includes\Malware-005.sbi (*) 2014-02-26 Includes\Malware-006.sbi (*) 2014-01-09 Includes\Malware-007.sbi (*) 2014-11-19 Includes\Malware-C.sbi (*) 2014-01-13 Includes\Malware.sbi (*) 2013-12-23 Includes\MalwareC.sbi (*) 2014-11-14 Includes\PUPS-000.sbi (*) 2014-01-15 Includes\PUPS-001.sbi (*) 2014-01-15 Includes\PUPS-002.sbi (*) 2014-11-19 Includes\PUPS-C.sbi (*) 2012-11-14 Includes\PUPS.sbi (*) 2014-01-07 Includes\PUPSC.sbi (*) 2014-01-08 Includes\Security-000.sbi (*) 2014-01-08 Includes\Security-C.sbi (*) 2014-01-21 Includes\Security.sbi (*) 2014-01-21 Includes\SecurityC.sbi (*) 2014-11-14 Includes\Spyware-000.sbi (*) 2014-11-14 Includes\Spyware-001.sbi (*) 2014-11-19 Includes\Spyware-C.sbi (*) 2014-01-21 Includes\Spyware.sbi (*) 2014-01-21 Includes\SpywareC.sbi (*) 2011-06-07 Includes\Tracks.sbi (*) 2012-11-19 Includes\Tracks.uti (*) 2014-01-15 Includes\Trojans-000.sbi (*) 2014-01-15 Includes\Trojans-001.sbi (*) 2014-11-14 Includes\Trojans-002.sbi (*) 2014-01-15 Includes\Trojans-003.sbi (*) 2014-01-15 Includes\Trojans-004.sbi (*) 2014-03-19 Includes\Trojans-005.sbi (*) 2014-07-09 Includes\Trojans-006.sbi (*) 2014-01-15 Includes\Trojans-007.sbi (*) 2014-07-09 Includes\Trojans-008.sbi (*) 2014-07-09 Includes\Trojans-009.sbi (*) 2014-11-19 Includes\Trojans-C.sbi (*) 2014-01-15 Includes\Trojans-OG-000.sbi (*) 2014-01-15 Includes\Trojans-TD-000.sbi (*) 2014-01-15 Includes\Trojans-VM-000.sbi (*) 2014-01-15 Includes\Trojans-VM-001.sbi (*) 2014-01-15 Includes\Trojans-VM-002.sbi (*) 2014-01-15 Includes\Trojans-VM-003.sbi (*) 2014-01-15 Includes\Trojans-VM-004.sbi (*) 2014-01-15 Includes\Trojans-VM-005.sbi (*) 2014-01-15 Includes\Trojans-VM-006.sbi (*) 2014-01-15 Includes\Trojans-VM-007.sbi (*) 2014-01-15 Includes\Trojans-VM-008.sbi (*) 2014-01-15 Includes\Trojans-VM-009.sbi (*) 2014-01-15 Includes\Trojans-VM-010.sbi (*) 2014-01-15 Includes\Trojans-VM-011.sbi (*) 2014-01-15 Includes\Trojans-VM-012.sbi (*) 2014-01-15 Includes\Trojans-VM-013.sbi (*) 2014-01-15 Includes\Trojans-VM-014.sbi (*) 2014-01-15 Includes\Trojans-VM-015.sbi (*) 2014-01-15 Includes\Trojans-VM-016.sbi (*) 2014-01-15 Includes\Trojans-VM-017.sbi (*) 2014-01-15 Includes\Trojans-VM-018.sbi (*) 2014-01-15 Includes\Trojans-VM-019.sbi (*) 2014-01-15 Includes\Trojans-VM-020.sbi (*) 2014-01-15 Includes\Trojans-VM-021.sbi (*) 2014-01-15 Includes\Trojans-VM-022.sbi (*) 2014-01-15 Includes\Trojans-VM-023.sbi (*) 2014-01-15 Includes\Trojans-VM-024.sbi (*) 2014-01-15 Includes\Trojans-ZB-000.sbi (*) 2014-01-15 Includes\Trojans-ZL-000.sbi (*) 2014-01-09 Includes\Trojans.sbi (*) 2014-01-16 Includes\TrojansC-01.sbi (*) 2014-01-16 Includes\TrojansC-02.sbi (*) 2014-01-16 Includes\TrojansC-03.sbi (*) 2014-01-16 Includes\TrojansC-04.sbi (*) 2014-01-16 Includes\TrojansC-05.sbi (*) 2014-01-09 Includes\TrojansC.sbi (*) |
|
22.11.2014, 08:54
| #5 |
| /// the machine /// TB-Ausbilder | Internetverbindung extem langsam!So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Internetverbindung extem langsam! |
| anderer, dauert, extrem, folge, folgende, guten, heute, interne, internet, internetverbindung, laden, lange, langsam, problem, rechts, router, sache, sachen, seite, seiten, striche, symbol, unglaublich, verbindung, verbunden, virus, wlan |
Linear-Darstellung
