Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 8: Gvu-Trojaner (https://www.trojaner-board.de/140300-windows-8-gvu-trojaner.html)

Annyso 23.08.2013 10:58
Windows 8: Gvu-Trojaner
 
Hallo:
Ich habe mir scheinbar gestern einen Gvu-Trojaner eingefangen.(Vaio E-Serie mit Windows 8)
Ich habe meinen Laptop dann neu gebootet und wollte im abgesicherten Modus den trojaner entfernen. Der wechsel in den abgesicherten modus hat aber nicht funktioniert.Der Laptop startete neu und es erschien die Meldung:" das System wird aktualisiert".
Nach dem Hochfahren waren alle Sperrungen verschwunden(auch i-net) und es wirkte so als sei nie ein trojaner da gewesen.
Habe dann einen Virenscan mit comodoo laufen lassen-kein ergebniss.


Ein Scan mit "anti malware" von malwarebytes förderte 5 infizierte objekte zu tage.Diese wurden umgehend gelöscht.
Hier der Logfile:

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.22.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Annika :: ANNIKA [Administrator]

Schutz: Aktiviert

22.08.2013 21:57:29
mbam-log-2013-08-22 (21-57-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 477096
Laufzeit: 1 Stunde(n), 20 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\$Recycle.Bin\S-1-5-21-2354407877-180793676-4171637688-1001\$RC5MLJ0.exe (Backdoor.Bot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-21-2354407877-180793676-4171637688-1001\$RWIXO5K.exe (Backdoor.Bot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Annika\AppData\Roaming\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Annika\AppData\Local\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Von dem Comodooscan finde ich leider kein Logfile.(in diesem fall bin ich warscheinlich ne typische frau....;))
Meine Frage: Ist der Trojaner restlos entfernt? oder hat er sich "versteckt"? Der Laptop funktioniert wieder einwandfrei.
Bitte verzeiht die unprofessionalität wenn ich etwas falsches bzw. unütze sachen gepostet habe. Ich habe wirklich nur rudimentäres Grundwissen im bezug auf computer....
Schon jetzt einmal: vielen,vielen Dank für eure Hilfe!

schrauber 23.08.2013 11:02
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Annyso 23.08.2013 11:51
Hey das ging aber fix!:) Hallo Schrauber!
Habe mir das tool runtergeladen+den scan laufen lassen allerdings sind die logfiles die er mir dann öffnet komplett leer!?
Mein fehler?
Es kommt immer die meldung:
Die Datei C:/users/Annika/Desktop/addition.txt kann icht gefunden werden
Möchten sie eine neue datei erstellen?

Ja/nein/Abbrechen

Scheinbar mein fehler! habs gelöscht und nochmal runtergeladen jetzt gehts!!
log: FRST.txt:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2013
Ran by Annika (administrator) on 23-08-2013 12:49:06
Running from C:\Users\Annika\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files\Sony\VAIO Care\listener.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\helppane.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-10-09] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [NTRedirect] - C:\Users\Annika\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [187888 2013-08-22] ()
MountPoints2: {0fad8263-76e0-11e2-be81-083e8ede7d6a} - "E:\WD SmartWare.exe" autoplay=true
MountPoints2: {6b421f67-c62a-11e2-be93-083e8ede7d6a} - "E:\HTC_Sync_Manager_PC.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-08-07] (cyberlink)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [gbrspcontrol] - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=6E19083E8EDE7D6A&affID=119357&tsp=4983
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=6E19083E8EDE7D6A&affID=119357&tsp=4983
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0E6C2594-7233-4D08-82DF-C85F690256C9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6E19083E8EDE7D6A&affID=119357&tsp=4983
SearchScopes: HKCU - {17C2CAE1-FF5B-44F6-B753-C3EDCCBE4FDC} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 195.50.140.246 192.168.0.1
Tcpip\..\Interfaces\{24A81BF4-0E10-4C27-8267-57457FE0AAAF}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}: [NameServer]156.154.70.22,156.154.71.22

Chrome:
=======
CHR Extension: (Google Drive) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DealPly  Shopping) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi\3.5.0.0_0
CHR Extension: (DVDVideoSoft) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Gmail) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Annika\AppData\Roaming\BabSolution\CR\Delta.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [243728 2012-06-29] (CyberLink)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-07-24] (Comodo Security Solutions Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6199520 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158936 2013-06-18] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2095808 2013-08-01] ()
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros)
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-08-20] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S1 CFRMD; C:\Windows\SysWow64\DRIVERS\CFRMD.sys [40224 2012-09-21] (Windows (R) Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [713776 2013-07-08] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [37560 2013-06-18] (COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [118400 2013-06-18] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S1 CFRMD; system32\DRIVERS\CFRMD.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-23 12:21 - 2013-08-23 12:21 - 00000000 ____D C:\FRST
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Dealply
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Local\DealPlyLive
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Program Files (x86)\DealPlyLive
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Users\Annika\AppData\Roaming\DSite
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-23 12:16 - 2013-08-23 12:17 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-08-23 12:16 - 2013-08-23 12:16 - 00003388 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Babylon
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\Users\Annika\AppData\Roaming\BabSolution
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\ProgramData\Babylon
2013-08-22 18:37 - 2013-08-22 18:37 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-22 18:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-15 13:12 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-15 13:12 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-15 11:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 11:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 11:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 11:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 11:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 11:42 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 11:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 11:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 11:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 11:42 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-15 11:42 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 11:42 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 11:42 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 11:40 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 11:40 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 11:40 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 11:40 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-15 11:40 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-15 11:40 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-13 13:50 - 2013-08-13 13:50 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iTunes
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iPod
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-31 13:27 - 2013-08-15 13:51 - 00000000 ____D C:\Windows\system32\MRT
2013-07-26 11:40 - 2013-07-26 11:41 - 00448288 _____ C:\Windows\system32\FNTCACHE.DAT

==================== One Month Modified Files and Folders =======

2013-08-23 12:48 - 2013-08-23 12:48 - 01576474 _____ (Farbar) C:\Users\Annika\Desktop\FRST64.exe
2013-08-23 12:42 - 2012-12-30 19:01 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-08-23 12:29 - 2012-12-29 18:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-23 12:21 - 2013-08-23 12:21 - 00000000 ____D C:\FRST
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Dealply
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Local\DealPlyLive
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Program Files (x86)\DealPlyLive
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Users\Annika\AppData\Roaming\DSite
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-23 12:17 - 2013-08-23 12:16 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-08-23 12:16 - 2013-08-23 12:16 - 00003388 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Babylon
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\Users\Annika\AppData\Roaming\BabSolution
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\ProgramData\Babylon
2013-08-23 12:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-23 11:58 - 2012-12-29 18:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-23 11:51 - 2012-12-27 18:43 - 00000000 ____D C:\Users\Annika\AppData\Local\Packages
2013-08-23 11:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-23 11:31 - 2012-10-29 11:08 - 01251434 _____ C:\Windows\WindowsUpdate.log
2013-08-23 11:21 - 2012-12-29 18:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-23 00:03 - 2013-06-26 12:15 - 00000000 ____D C:\Users\Annika\AppData\Local\HTC MediaHub
2013-08-23 00:01 - 2012-08-03 04:22 - 00061664 _____ C:\Windows\PFRO.log
2013-08-23 00:01 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-23 00:01 - 2012-07-26 07:26 - 01310720 ___SH C:\Windows\system32\config\BBI
2013-08-22 22:03 - 2012-10-29 10:50 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-08-22 22:03 - 2012-10-29 10:50 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-08-22 22:03 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-22 20:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-22 20:15 - 2013-01-21 21:52 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Swiss Academic Software
2013-08-22 18:37 - 2013-08-22 18:37 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-22 17:31 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-22 17:31 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-20 19:29 - 2012-12-29 18:33 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-18 01:29 - 2012-12-27 18:52 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2354407877-180793676-4171637688-1001
2013-08-16 12:31 - 2012-12-28 11:11 - 00000000 ____D C:\Users\Annika\AppData\Local\CrashDumps
2013-08-15 13:51 - 2013-07-31 13:27 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 13:50 - 2012-12-28 12:12 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 13:50 - 2013-08-13 13:50 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iTunes
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iPod
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-13 13:50 - 2013-05-22 11:07 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-05 23:57 - 2013-06-05 14:07 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-08-05 23:57 - 2012-12-30 18:59 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-08-05 23:57 - 2012-12-30 18:59 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-08-01 12:30 - 2013-06-12 17:37 - 00000000 ____D C:\Users\Annika\Documents\Vodafone
2013-07-31 17:59 - 2012-12-29 18:34 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-27 12:20 - 2012-12-27 18:43 - 00000000 ____D C:\Users\Annika
2013-07-26 21:36 - 2013-01-22 10:01 - 00002043 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2013-07-26 12:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-26 11:41 - 2013-07-26 11:40 - 00448288 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-26 11:38 - 2013-01-21 21:26 - 00000000 ____D C:\Users\Annika\Documents\Studium
2013-07-26 11:18 - 2012-07-26 09:21 - 00036617 _____ C:\Windows\setupact.log
2013-07-26 07:13 - 2013-08-15 11:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-15 11:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-15 11:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-15 11:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-15 11:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:13 - 2013-08-15 11:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-15 11:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-15 11:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-15 11:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 02:54 - 2013-08-15 11:42 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-20 10:55

==================== End Of Log ============================
--- --- ---

--- --- ---


Log Addition.txt :
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2013
Ran by Annika at 2013-08-23 12:49:37
Running from C:\Users\Annika\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
AIO_CDA_ProductContext (x32 Version: 140.0.425.000)
AIO_CDA_Software (x32 Version: 140.0.428.000)
AIO_Scan (x32 Version: 130.0.421.000)
Aloha TriPeaks (x32 Version: 2.2.0.98)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bing Bar (x32 Version: 7.1.391.0)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 140.0.298.000)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110)
C4100 (x32 Version: 140.0.425.000)
c4100_Help (x32 Version: 82.0.256.000)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0806.1156.19437)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437)
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437)
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437)
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437)
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437)
CCC Help Czech (x32 Version: 2012.0806.1155.19437)
CCC Help Danish (x32 Version: 2012.0806.1155.19437)
CCC Help Dutch (x32 Version: 2012.0806.1155.19437)
CCC Help English (x32 Version: 2012.0806.1155.19437)
CCC Help Finnish (x32 Version: 2012.0806.1155.19437)
CCC Help French (x32 Version: 2012.0806.1155.19437)
CCC Help German (x32 Version: 2012.0806.1155.19437)
CCC Help Greek (x32 Version: 2012.0806.1155.19437)
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437)
CCC Help Italian (x32 Version: 2012.0806.1155.19437)
CCC Help Japanese (x32 Version: 2012.0806.1155.19437)
CCC Help Korean (x32 Version: 2012.0806.1155.19437)
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437)
CCC Help Polish (x32 Version: 2012.0806.1155.19437)
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437)
CCC Help Russian (x32 Version: 2012.0806.1155.19437)
CCC Help Spanish (x32 Version: 2012.0806.1155.19437)
CCC Help Swedish (x32 Version: 2012.0806.1155.19437)
CCC Help Thai (x32 Version: 2012.0806.1155.19437)
CCC Help Turkish (x32 Version: 2012.0806.1155.19437)
ccc-utility64 (Version: 2012.0806.1156.19437)
Chronicles of Albian (x32 Version: 2.2.0.110)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Citavi (x32 Version: 3.3.0.0)
Comodo Dragon (x32 Version: 28.1.0.0)
COMODO Internet Security (Version: 6.0.64131.2674)
Copy (x32 Version: 140.0.298.000)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923)
CyberLink PowerDVD (x32 Version: 9.0.5601.52)
Dealply (HKCU)
DealPly (remove only) (x32 Version: 4.8.7.3)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Delta Chrome Toolbar (x32)
Destinations (x32 Version: 140.0.253.000)
DeviceDiscovery (x32 Version: 140.0.298.000)
DocProc (x32 Version: 140.0.185.000)
FATE (x32 Version: 2.2.0.97)
Fax (x32 Version: 140.0.307.000)
FDUx86 (x32 Version: 1.0.0)
Free YouTube to MP3 Converter version 3.12.5.628 (x32 Version: 3.12.5.628)
GeekBuddy (x32 Version: 4.8.66)
Google Chrome (x32 Version: 28.0.1500.95)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 140.0.297.000)
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Photosmart All-In-One Driver Software (Version: 14.0)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.002.006.003)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.298.000)
HPSSupply (x32 Version: 140.0.297.000)
HTC Driver Installer (x32 Version: 4.2.0.001)
HTC Sync Manager (x32 Version: 2.0.61.0)
Imaging Device Functions 14.0 (Version: 14.0)
Intel AppUp(SM) center (x32 Version: 03.05.11)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IPTInstaller (x32 Version: 4.0.8)
iTunes (Version: 11.0.4.4)
Java Auto Updater (x32 Version: 2.1.6.0)
Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50)
Java(TM) 7 Update 5 (x32 Version: 7.0.50)
KUx86 (x32 Version: 1.0.0)
Luxor HD (x32 Version: 2.2.0.110)
Mahjongg Artifacts (x32 Version: 2.2.0.110)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 140.0.299.000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Network64 (Version: 140.0.306.000)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
Open It! (x32 Version: 1.1.1)
Opera 12.16 (x32 Version: 12.16.1860)
Picasa 3 (x32 Version: 3.9)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PlayMemories Home (x32 Version: 6.3.02.07270)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.212)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)
Restore (x32 Version: 1.0.0)
Scan (x32 Version: 140.0.253.000)
Shared C Run-time for x64 (Version: 10.0.0)
Shop for HP Supplies (Version: 14.0)
SolutionCenter (x32 Version: 140.0.299.000)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
Status (x32 Version: 140.0.342.000)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.16.2)
Toolbox (x32 Version: 140.0.596.000)
TrayApp (x32 Version: 140.0.297.000)
Unity Web Player (HKCU Version: )
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Zip Opener (HKCU)
Update Installer for WildTangent Games App (x32)
VAIO - Xperia Link (x32 Version: 1.0.1.10180)
VAIO Care (Version: 8.0.0.08150)
VAIO Control Center (x32 Version: 6.0.0.08200)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270)
VAIO Easy Connect (x32 Version: 1.2.0.08150)
VAIO Gate (x32 Version: 3.0.0.08140)
VAIO Gate Default (x32 Version: 3.0.0.08060)
VAIO Gesture Control (x32 Version: 2.0.0.08240)
VAIO Image Optimizer (x32 Version: 3.0.00.08170)
VAIO Improvement (x32 Version: 2.0.0.08090)
VAIO Media Server Settings (Version: 1.0.0.08240)
VAIO Movie Creator (x32 Version: 4.0.00.10170)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)
VAIO Update (x32 Version: 6.2.1.03260)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)
VAIO-Handbuch (x32 Version: 3.0.0.08100)
VAIO-Support für Übertragungen (x32 Version: 1.8.0.08212)
VCCx64 (Version: 1.0.0)
VCCx86 (x32 Version: 1.0.0)
VGClientX64 (Version: 1.0.0)
VHD (x32 Version: 1.0.0)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
VIx64 (Version: 1.0.0)
VIx86 (x32 Version: 1.0.0)
VMLx86 (x32 Version: 1.0.0)
VPMx64 (Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (x32 Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VUx64 (Version: 1.0.0)
VUx86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
WebReg (x32 Version: 140.0.297.017)
WildTangent Games App (x32 Version: 4.0.8.7)
WildTangent-Spiele (x32 Version: 1.0.3.0)
XperiaLinkx86 (x32 Version: 1.0.0)
Zip Opener Packages (HKCU)

==================== Restore Points  =========================

09-08-2013 07:19:48 Geplanter Prüfpunkt
15-08-2013 11:48:07 Windows Update
23-08-2013 10:08:24 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02D4330E-7CED-4209-8AE7-916A16EE2B84} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {03634987-27E9-4AFF-9495-151E39CEF366} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {03F6085F-72F9-4E51-8AFE-4611BF99E829} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {07583BCB-08E9-4271-B079-2A0A279811D4} - System32\Tasks\EPUpdater => C:\Users\Annika\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-08-04] ()
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1F14E0BD-A609-47C8-844C-5AB6786DF72B} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {24298360-2B3E-4AC2-8C86-10DF7A4C89A7} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-19] (Sony Corporation)
Task: {2BCD9944-2F31-4EDA-9879-647B9EE03DF2} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {39F8F8B5-1475-404A-B5D9-42077A9BED48} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {408B43EF-444F-4F5B-8887-F0268AA99335} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4C8877AC-783F-41A7-91FA-3521506B7B27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {57183AAA-3E0D-4640-9231-B0673E4146AE} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {58794ABB-1282-4AD6-93F4-E4D525FFD0B6} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {58F42DD6-1104-46A4-BB28-4429B5322220} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {598CB97B-65C7-4283-BD8A-FEEC45EA7671} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-07-08] (COMODO)
Task: {5A7BBA49-C6EF-40C3-9E82-BB741F5C5B2F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-07-08] (COMODO)
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {629F090D-FC5E-4BA8-800F-DA91CFA21AAE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29] (Google Inc.)
Task: {6D87217D-F984-4395-A98D-B153E3760AD6} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {75874276-C252-4409-841D-02AA1BC29317} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-07-08] (COMODO)
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {8718BDFA-97C8-42E6-A989-6A30B53C22CC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {9484DECA-1E46-4FD4-A22C-6F2422A5FB3A} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-03-26] (Sony Corporation)
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9DDF3E59-35E8-4721-86F1-8FDB721482F2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-03-26] (Sony Corporation)
Task: {A360A6A8-B115-4A56-8459-B89F8ED08864} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-03-26] (Sony Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B044B966-7451-4691-BC35-B06B148384E1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {B389A498-47F9-45AA-A9B0-08147D31691F} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {B491E1A5-325A-4D89-84B3-5A5F4F138989} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {B8C4EFFB-8B1C-4BE9-905F-1C9F0D13688A} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BEBE6C16-6E40-4DCB-B956-A0E3A2E02F4A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C35539D9-F403-4A2B-8A35-78E94AB27E32} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C5245948-1170-4793-8325-6C0317F75A71} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-07-08] (COMODO)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {C99B5E82-026E-4ED8-A7C1-4910773798F0} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-07-08] (COMODO)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D1180A6F-0C4C-4E49-A650-B43D4C401889} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {DB5ECE09-3DF7-4DE1-A9A5-A2E7F8CEE473} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E5C14676-1518-41E5-B124-F838EEA74B0F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {E8F2744D-54A4-4B81-AD3A-B122EB6DD8CD} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2354407877-180793676-4171637688-1001
Task: {E9CE5E48-4A75-476C-88B3-493593A1160E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F4001141-644D-401D-9C32-3E547426747B} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient No File
Task: {F61B6634-7847-4E2B-A353-9642BEFC70AE} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {F7FCE0E2-6F05-406A-A57A-AC62D9169E1A} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-07-08] (COMODO)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/23/2013 11:51:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: ANNIKA)
Description: Die App „NAMCOBANDAIGamesInc.PAC-MANChampionshipEditionDXfo_gdy2aq6ez762w!App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (08/23/2013 11:50:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: ANNIKA)
Description: Die App „NAMCOBANDAIGamesInc.PAC-MANChampionshipEditionDXfo_gdy2aq6ez762w!App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (08/22/2013 09:37:30 PM) (Source: MsiInstaller) (User: ANNIKA)
Description: Produkt: iTunes -- Es ist bereits eine ältere Version von iTunes auf diesem Computer installiert.

Error: (08/22/2013 09:37:24 PM) (Source: MsiInstaller) (User: ANNIKA)
Description: Produkt: iTunes -- Es ist bereits eine ältere Version von iTunes auf diesem Computer installiert.

Error: (08/22/2013 04:35:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 804250

Error: (08/22/2013 04:35:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 804250

Error: (08/22/2013 04:35:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/22/2013 03:50:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3739312

Error: (08/22/2013 03:50:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3739312

Error: (08/22/2013 03:50:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (08/23/2013 00:01:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/22/2013 10:00:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.

Error: (08/22/2013 09:56:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/22/2013 06:55:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (08/22/2013 06:48:27 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (08/22/2013 05:36:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.

Error: (08/22/2013 05:32:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/22/2013 05:32:03 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎22.‎08.‎2013 um 17:23:05 unerwartet heruntergefahren.

Error: (08/22/2013 05:30:18 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT-AUTORITÄT)
Description: 32212260171068224

Error: (08/21/2013 02:32:03 PM) (Source: DCOM) (User: ANNIKA)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (08/23/2013 11:51:42 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: ANNIKA)
Description: NAMCOBANDAIGamesInc.PAC-MANChampionshipEditionDXfo_gdy2aq6ez762w!App

Error: (08/23/2013 11:50:59 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: ANNIKA)
Description: NAMCOBANDAIGamesInc.PAC-MANChampionshipEditionDXfo_gdy2aq6ez762w!App

Error: (08/22/2013 09:37:30 PM) (Source: MsiInstaller)(User: ANNIKA)
Description: Produkt: iTunes -- Es ist bereits eine ältere Version von iTunes auf diesem Computer installiert.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/22/2013 09:37:24 PM) (Source: MsiInstaller)(User: ANNIKA)
Description: Produkt: iTunes -- Es ist bereits eine ältere Version von iTunes auf diesem Computer installiert.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/22/2013 04:35:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 804250

Error: (08/22/2013 04:35:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 804250

Error: (08/22/2013 04:35:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/22/2013 03:50:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3739312

Error: (08/22/2013 03:50:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3739312

Error: (08/22/2013 03:50:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-08-23 12:48:54.898
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-23 12:14:51.305
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-23 12:13:26.695
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-23 11:49:40.831
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-23 11:23:00.773
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-23 00:04:38.849
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-23 00:03:40.320
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-22 23:18:06.116
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-22 22:00:42.446
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-08-22 21:57:13.785
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8139.27 MB
Available physical RAM: 5793.46 MB
Total Pagefile: 9867.27 MB
Available Pagefile: 7029.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:901.66 GB) (Free:838.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 26228CE7)

Partition: GPT Partition Type
==================== End Of Log ============================
Sorry für die verwirrung;)

schrauber 23.08.2013 13:44
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Annyso 23.08.2013 14:20
Hallo schrauber,
weißt du wie man comodoo deaktiviert? ich finde nichts dazu...
bei malwarbytes reicht es wenn da steht "schutz deaktiviert"?
Sorry;)

schrauber 23.08.2013 14:30
Malwarebytes reicht das.

https://forums.comodo.com/deutsch-ge...-t91954.0.html

Annyso 23.08.2013 16:42
sprechen wir hier von der Funktion "Stop all Activity"?
es tut mir wirklich leid für die umstände...ich will einfach nix falsch machen... wie gesagt, ich besitze sehr rudimentär ausgeprägte computerkentnisse:D

Hallo Schrauber,
hier das combofix Log:
Code:
ComboFix 13-08-22.01 - Annika 23.08.2013  17:10:42.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.8139.6468 [GMT 2:00]
ausgeführt von:: c:\users\Annika\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPly.xpi
c:\program files (x86)\DealPly\DealPlyIE.dll
c:\program files (x86)\DealPly\DealPlyIE64.dll
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\DealPlyUpdateVer.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\programdata\BrowserDefender
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm
c:\users\Annika\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Annika\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\Annika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-07-23 bis 2013-08-23  ))))))))))))))))))))))))))))))
.
.
2013-08-23 15:24 . 2013-08-23 15:24        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-08-23 10:21 . 2013-08-23 10:21        --------        d-----w-        C:\FRST
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\users\Annika\AppData\Local\DealPlyLive
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\programdata\DealPlyLive
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\program files (x86)\DealPlyLive
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\users\Annika\AppData\Roaming\Dealply
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\users\Annika\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-23 10:18 . 2013-08-23 10:18        --------        d-----w-        c:\users\Annika\AppData\Roaming\DSite
2013-08-23 10:18 . 2013-08-23 10:18        --------        d-----w-        c:\program files (x86)\OpenIt
2013-08-23 10:16 . 2013-08-23 10:16        --------        d-----w-        c:\users\Annika\AppData\Roaming\BabSolution
2013-08-23 10:16 . 2013-08-23 10:17        --------        d-----w-        c:\program files (x86)\Optimizer Pro
2013-08-23 10:16 . 2013-08-23 10:16        --------        d-----w-        c:\users\Annika\AppData\Roaming\Babylon
2013-08-23 10:16 . 2013-08-23 10:16        --------        d-----w-        c:\programdata\Babylon
2013-08-22 16:37 . 2013-08-22 16:37        --------        d-----w-        c:\users\Annika\AppData\Roaming\Malwarebytes
2013-08-22 16:36 . 2013-08-22 16:36        --------        d-----w-        c:\programdata\Malwarebytes
2013-08-22 16:36 . 2013-08-22 16:36        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-22 16:36 . 2013-04-04 12:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-08-22 16:36 . 2013-08-22 16:36        --------        d-----w-        c:\users\Annika\AppData\Local\Programs
2013-08-20 08:42 . 2013-08-20 08:42        240304        ----a-w-        c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-15 09:42 . 2013-07-09 06:07        2233168        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-08-15 09:40 . 2013-07-13 06:18        337408        ----a-w-        c:\windows\system32\wintrust.dll
2013-08-15 09:40 . 2013-07-13 06:16        68096        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-08-15 09:40 . 2013-07-13 06:16        1889280        ----a-w-        c:\windows\system32\crypt32.dll
2013-08-15 09:40 . 2013-07-13 06:15        98304        ----a-w-        c:\windows\system32\apprepsync.dll
2013-08-15 09:40 . 2013-07-13 06:15        124416        ----a-w-        c:\windows\system32\apprepapi.dll
2013-08-15 09:40 . 2013-07-13 04:24        261120        ----a-w-        c:\windows\SysWow64\wintrust.dll
2013-08-15 09:40 . 2013-07-13 04:23        1568256        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-08-15 09:40 . 2013-07-13 04:23        87040        ----a-w-        c:\windows\SysWow64\apprepapi.dll
2013-08-15 09:40 . 2013-07-13 04:23        74240        ----a-w-        c:\windows\SysWow64\apprepsync.dll
2013-08-13 11:50 . 2013-08-13 11:50        --------        d-----w-        c:\program files\iPod
2013-08-13 11:50 . 2013-08-13 11:50        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 11:50 . 2013-08-13 11:50        --------        d-----w-        c:\program files\iTunes
2013-08-13 11:50 . 2013-08-13 11:50        --------        d-----w-        c:\program files (x86)\iTunes
2013-07-31 11:27 . 2013-08-15 11:51        --------        d-----w-        c:\windows\system32\MRT
2013-07-26 19:36 . 2013-07-26 19:36        --------        d-----w-        c:\program files (x86)\Common Files\COMODO
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-15 11:50 . 2012-12-28 10:12        78161360        ----a-w-        c:\windows\system32\MRT.exe
2013-08-05 21:57 . 2013-06-05 12:07        48392        ----a-w-        c:\windows\SysWow64\certsentry.dll
2013-08-05 21:57 . 2012-12-30 16:59        57096        ----a-w-        c:\windows\system32\certsentry.dll
2013-07-08 20:59 . 2012-12-14 19:45        713776        ----a-w-        c:\windows\system32\drivers\cmdguard.sys
2013-06-27 22:04 . 2012-07-26 08:14        78200        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-07-26 08:14        693112        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-18 15:16 . 2012-12-14 19:45        118400        ----a-w-        c:\windows\system32\drivers\inspect.sys
2013-06-18 15:16 . 2012-12-14 19:45        37560        ----a-w-        c:\windows\system32\drivers\cmdhlp.sys
2013-06-18 15:16 . 2012-12-14 19:45        23168        ----a-w-        c:\windows\system32\drivers\cmderd.sys
2013-06-18 15:15 . 2012-12-14 19:45        43216        ----a-w-        c:\windows\system32\cmdcsr.dll
2013-06-18 15:15 . 2012-12-14 19:45        348584        ----a-w-        c:\windows\SysWow64\guard32.dll
2013-06-18 15:15 . 2012-12-14 19:45        437688        ----a-w-        c:\windows\system32\guard64.dll
2013-06-18 15:15 . 2012-12-14 19:45        344792        ----a-w-        c:\windows\system32\cmdvrt64.dll
2013-06-18 15:15 . 2012-09-04 18:22        45784        ----a-w-        c:\windows\system32\cmdkbd64.dll
2013-06-18 15:15 . 2012-12-14 19:45        278232        ----a-w-        c:\windows\SysWow64\cmdvrt32.dll
2013-06-18 15:15 . 2012-09-04 18:07        40664        ----a-w-        c:\windows\SysWow64\cmdkbd32.dll
2013-06-16 22:41 . 2013-07-16 19:40        997632        ----a-w-        c:\windows\system32\drivers\ndis.sys
2013-06-13 06:09 . 2013-06-13 06:09        55496        ----a-w-        c:\windows\SysWow64\offreg.dll
2013-06-01 11:54 . 2013-07-16 19:40        194816        ----a-w-        c:\windows\system32\drivers\sdbus.sys
2013-06-01 11:54 . 2013-07-16 19:40        125184        ----a-w-        c:\windows\system32\drivers\dumpsd.sys
2013-06-01 11:34 . 2013-07-16 19:40        2391280        ----a-w-        c:\windows\explorer.exe
2013-06-01 11:29 . 2013-07-16 19:40        337152        ----a-w-        c:\windows\system32\drivers\USBXHCI.SYS
2013-06-01 11:29 . 2013-07-16 19:40        213248        ----a-w-        c:\windows\system32\drivers\UCX01000.SYS
2013-06-01 11:26 . 2013-07-16 19:40        327936        ----a-w-        c:\windows\system32\drivers\volsnap.sys
2013-06-01 11:26 . 2013-07-16 19:40        6987008        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-06-01 10:24 . 2013-07-16 19:40        2106176        ----a-w-        c:\windows\SysWow64\explorer.exe
2013-06-01 09:25 . 2013-07-16 19:40        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-06-01 09:25 . 2013-07-16 19:40        67584        ----a-w-        c:\windows\SysWow64\samlib.dll
2013-06-01 09:25 . 2013-07-16 16:20        496640        ----a-w-        c:\windows\SysWow64\qedit.dll
2013-06-01 09:24 . 2013-07-16 19:40        493056        ----a-w-        c:\windows\SysWow64\mscms.dll
2013-06-01 09:24 . 2013-07-16 19:40        1453568        ----a-w-        c:\windows\SysWow64\mfcore.dll
2013-06-01 09:24 . 2013-07-16 19:40        850944        ----a-w-        c:\windows\SysWow64\mfasfsrcsnk.dll
2013-06-01 09:23 . 2013-07-16 19:40        1842176        ----a-w-        c:\windows\SysWow64\dwmcore.dll
2013-06-01 09:23 . 2013-07-16 19:40        680960        ----a-w-        c:\windows\system32\vds.exe
2013-06-01 09:22 . 2013-07-16 19:40        80896        ----a-w-        c:\windows\system32\MbaeParserTask.exe
2013-06-01 09:22 . 2013-07-16 19:40        523264        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-06-01 09:22 . 2013-07-16 19:40        446976        ----a-w-        c:\windows\system32\wwansvc.dll
2013-06-01 09:22 . 2013-07-16 19:40        190976        ----a-w-        c:\windows\system32\vdsutil.dll
2013-06-01 09:21 . 2013-07-16 19:40        729600        ----a-w-        c:\windows\system32\samsrv.dll
2013-06-01 09:21 . 2013-07-16 19:40        106496        ----a-w-        c:\windows\system32\samlib.dll
2013-06-01 09:21 . 2013-07-16 16:20        595968        ----a-w-        c:\windows\system32\qedit.dll
2013-06-01 09:20 . 2013-07-16 19:40        583168        ----a-w-        c:\windows\system32\mscms.dll
2013-06-01 09:20 . 2013-07-16 19:40        1527808        ----a-w-        c:\windows\system32\mfcore.dll
2013-06-01 09:20 . 2013-07-16 19:40        1048576        ----a-w-        c:\windows\system32\mfasfsrcsnk.dll
2013-06-01 09:20 . 2013-07-16 19:40        2219520        ----a-w-        c:\windows\system32\dwmcore.dll
2013-06-01 09:19 . 2013-07-16 19:40        207872        ----a-w-        c:\windows\system32\DeviceSetupManager.dll
2013-06-01 09:19 . 2013-07-16 19:40        785408        ----a-w-        c:\windows\system32\audiosrv.dll
2013-06-01 03:08 . 2013-07-16 19:40        37632        ----a-w-        c:\windows\system32\drivers\BthAvrcpTg.sys
2013-05-30 23:24 . 2013-06-19 19:20        1257472        ----a-w-        c:\windows\system32\kernel32.dll
2013-05-30 23:14 . 2013-07-16 16:21        4036096        ----a-w-        c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-06-28 14:56        279552        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2011-4-29 276328]
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-7-24 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceActiveDesktopOn"= 0 (0x0)
"NoActiveDesktopChanges"= 1 (0x1)
"NoActiveDesktop"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/10/29 10:28;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 McOobeSv2;McAfee OOBE Service2;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\System32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdhlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Service;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-31 15:58        1173456        ----a-w-        c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2012-12-18 19:08        215264        ----a-w-        c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-29 17:29]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 16:33]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 16:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-06-28 14:56        339456        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-20 1214608]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-10-09 64640]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-10-09 765056]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-10-09 127616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=6E19083E8EDE7D6A&affID=119357&tsp=4983
uDefault_Page_URL = hxxp://sony13.msn.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: Interfaces\{24A81BF4-0E10-4C27-8267-57457FE0AAAF}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}\5416379724F687D2536324036423: NameServer = 156.154.70.22,156.154.71.22
.
.
------- Dateityp-Verknüpfung -------
.
regedit=regedit.exe "%1"
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET CLR Networking 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET Memory Cache 4.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\1394ohci]
"ImagePath"="\SystemRoot\System32\drivers\1394ohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\3ware]
"ImagePath"="System32\drivers\3ware.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ACPI]
"ImagePath"="System32\drivers\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\acpiex]
"ImagePath"="System32\Drivers\acpiex.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\acpipagr]
"ImagePath"="\SystemRoot\System32\drivers\acpipagr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AcpiPmi]
"ImagePath"="\SystemRoot\System32\drivers\acpipmi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\acpitime]
"ImagePath"="\SystemRoot\System32\drivers\acpitime.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AdobeARMservice]
"ImagePath"="\"c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adp94xx]
"ImagePath"="System32\drivers\adp94xx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adpahci]
"ImagePath"="System32\drivers\adpahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adpu320]
"ImagePath"="System32\drivers\adpu320.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adsi]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AeLookupSvc]
"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\system32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\agp440]
"ImagePath"="System32\drivers\agp440.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AllUserInstallAgent]
"ServiceDLL"="%SystemRoot%\system32\AUInstallAgent.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AMD External Events Utility]
"ImagePath"="%SystemRoot%\system32\atiesrxx.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AmdK8]
"ImagePath"="\SystemRoot\System32\drivers\amdk8.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdkmdag]
"ImagePath"="\SystemRoot\system32\DRIVERS\atikmdag.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdkmdap]
"ImagePath"="\SystemRoot\system32\DRIVERS\atikmpag.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AmdPPM]
"ImagePath"="\SystemRoot\System32\drivers\amdppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdsata]
"ImagePath"="System32\drivers\amdsata.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdsbs]
"ImagePath"="System32\drivers\amdsbs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdxata]
"ImagePath"="System32\drivers\amdxata.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppID]
"ImagePath"="\SystemRoot\system32\drivers\appid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppIDSvc]
"ServiceDll"="%SystemRoot%\System32\appidsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Appinfo]
"ServiceDll"="%SystemRoot%\System32\appinfo.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Apple Mobile Device]
"ImagePath"="\"c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\arc]
"ImagePath"="System32\drivers\arc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\arcsas]
"ImagePath"="System32\drivers\arcsas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi]
"ImagePath"="System32\drivers\atapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AthBTPort]
"ImagePath"="\SystemRoot\system32\DRIVERS\btath_flt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ATHDFU]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AtherosSvc]
"ImagePath"="c:\program files (x86)\Bluetooth Suite\adminservice.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\athr]
"ImagePath"="\SystemRoot\system32\DRIVERS\athw8x.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Atierecord]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AtiHDAudioService]
"ImagePath"="\SystemRoot\system32\drivers\AtihdW86.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AudioEndpointBuilder]
"ServiceDll"="%SystemRoot%\System32\AudioEndpointBuilder.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Audiosrv]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AxInstSV]
"ServiceDll"="%SystemRoot%\System32\AxInstSV.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\b06bdrv]
"ImagePath"="System32\drivers\bxvbda.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BasicDisplay]
"ImagePath"="\SystemRoot\System32\drivers\BasicDisplay.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BasicRender]
"ImagePath"="\SystemRoot\System32\drivers\BasicRender.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BattC]
"MofImagePath"="system32\drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BBSvc]
"ImagePath"="c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BBUpdate]
"ImagePath"="c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BDESVC]
"ServiceDll"="%SystemRoot%\System32\bdesvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Beep]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BFE]
"ServiceDll"="%SystemRoot%\System32\bfe.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS]
"ServiceDll"="%SystemRoot%\System32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bonjour Service]
"ImagePath"="\"c:\program files\Bonjour\mDNSResponder.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bowser]
"ImagePath"="system32\DRIVERS\bowser.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BrokerInfrastructure]
"ServiceDll"="%SystemRoot%\System32\bisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_A2DP]
"ImagePath"="\SystemRoot\system32\drivers\btath_a2dp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\btath_avdt]
"ImagePath"="\SystemRoot\system32\drivers\btath_avdt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_BUS]
"ImagePath"="\SystemRoot\System32\drivers\btath_bus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_HCRP]
"ImagePath"="\SystemRoot\System32\drivers\btath_hcrp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_LWFLT]
"ImagePath"="\SystemRoot\system32\DRIVERS\btath_lwflt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_RCP]
"ImagePath"="\SystemRoot\System32\drivers\btath_rcp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_SCO]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_VDP]
"ImagePath"="\SystemRoot\system32\drivers\btath_vdp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BtFilter]
"ImagePath"="\SystemRoot\system32\DRIVERS\btfilter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthAvrcpTg]
"ImagePath"="\SystemRoot\System32\drivers\BthAvrcpTg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthEnum]
"ImagePath"="\SystemRoot\System32\drivers\BthEnum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthHFEnum]
"ImagePath"="\SystemRoot\System32\drivers\bthhfenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bthhfhid]
"ImagePath"="\SystemRoot\System32\drivers\BthHFHid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthLEEnum]
"ImagePath"="\SystemRoot\system32\DRIVERS\BthLEEnum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHMODEM]
"ImagePath"="\SystemRoot\System32\drivers\bthmodem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthPan]
"ImagePath"="\SystemRoot\system32\DRIVERS\bthpan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT]
"ImagePath"="\SystemRoot\System32\Drivers\BTHport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bthserv]
"ServiceDll"="%SystemRoot%\system32\bthserv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHUSB]
"ImagePath"="\SystemRoot\System32\Drivers\BTHUSB.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\combofix\catchme.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cdfs]
"ImagePath"="system32\DRIVERS\cdfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cdrom]
"ImagePath"="\SystemRoot\System32\drivers\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CertPropSvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CFRMD]
"ImagePath"="system32\DRIVERS\CFRMD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\circlass]
"ImagePath"="\SystemRoot\System32\drivers\circlass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLFS]
"ImagePath"="System32\drivers\CLFS.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLKMSVC10_9EC60124]
"ImagePath"="\"c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe\" /svc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLPSLauncher]
"ImagePath"="\"c:\program files (x86)\Common Files\COMODO\launcher_service.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v2.0.50727_32]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v2.0.50727_64]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v4.0.30319_32]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v4.0.30319_64]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLVirtualDrive]
"ImagePath"="\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmBatt]
"ImagePath"="\SystemRoot\System32\drivers\CmBatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdAgent]
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmderd]
"ImagePath"="System32\DRIVERS\cmderd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdGuard]
"ImagePath"="system32\DRIVERS\cmdguard.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdhlp]
"ImagePath"="\SystemRoot\system32\DRIVERS\cmdhlp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdvirth]
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CNG]
"ImagePath"="System32\Drivers\cng.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CngHwAssist]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CompositeBus]
"ImagePath"="\SystemRoot\System32\drivers\CompositeBus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\condrv]
"ImagePath"="System32\drivers\condrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\crypt32]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dam]
"ImagePath"="system32\drivers\dam.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DCLocator]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\defragsvc]
"ServiceDll"="%Systemroot%\System32\defragsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DeviceAssociationService]
"ServiceDll"="%SystemRoot%\system32\das.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DeviceInstall]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dfsc]
"ImagePath"="System32\Drivers\dfsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\system32\dhcpcore.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\discache]
"ImagePath"="System32\drivers\discache.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\disk]
"ImagePath"="System32\drivers\disk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dmvsc]
"ImagePath"="\SystemRoot\System32\drivers\dmvsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dot4]
"ImagePath"="\SystemRoot\system32\DRIVERS\Dot4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dot4Print]
"ImagePath"="\SystemRoot\System32\drivers\Dot4Prt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dot4usb]
"ImagePath"="\SystemRoot\system32\DRIVERS\dot4usb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DPS]
"ServiceDll"="%SystemRoot%\system32\dps.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DragonUpdater]
"ImagePath"="c:\program files (x86)\Comodo\Dragon\dragon_updater.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\drmkaud]
"ImagePath"="\SystemRoot\system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DsmSvc]
"ServiceDll"="%SystemRoot%\System32\DeviceSetupManager.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DXGKrnl]
"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\e1yexpress]
"ImagePath"="\SystemRoot\system32\DRIVERS\e1y60x64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eaphost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ebdrv]
"ImagePath"="System32\drivers\evbda.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EFS]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EhStorClass]
"ImagePath"="System32\drivers\EhStorClass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EhStorTcgDrv]
"ImagePath"="System32\drivers\EhStorTcgDrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ErrDev]
"ImagePath"="\SystemRoot\System32\drivers\errdev.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ESENT]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog]
"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventSystem]
"ServiceDll"="%systemroot%\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\exfat]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fastfat]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Fax]
"ImagePath"="%systemroot%\system32\fxssvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fdc]
"ImagePath"="\SystemRoot\System32\drivers\fdc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fdPHost]
"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FDResPub]
"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fhsvc]
"ServiceDll"="%SystemRoot%\system32\fhsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FileInfo]
"ImagePath"="System32\drivers\fileinfo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Filetrace]
"ImagePath"="system32\drivers\filetrace.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\flpydisk]
"ImagePath"="\SystemRoot\System32\drivers\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FontCache]
"ServiceDll"="%SystemRoot%\system32\FntCache.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FontCache3.0.0.0]
"ImagePath"="%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FsDepends]
"ImagePath"="System32\drivers\FsDepends.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fvevol]
"ImagePath"="System32\DRIVERS\fvevol.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FxPPM]
"ImagePath"="\SystemRoot\System32\drivers\fxppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gagp30kx]
"ImagePath"="System32\drivers\gagp30kx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GamesAppService]
"ImagePath"="\"c:\program files (x86)\WildTangent Games\App\GamesAppService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GEARAspiWDM]
"ImagePath"="\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GeekBuddyRSP]
"ImagePath"="\"c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe\" -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gencounter]
"ImagePath"="\SystemRoot\System32\drivers\vmgencounter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GPIOClx0101]
"ImagePath"="System32\Drivers\msgpioclx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gpsvc]
"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gupdate]
"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /svc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gupdatem]
"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /medsvc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gusvc]
"ImagePath"="\"c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HdAudAddService]
"ImagePath"="\SystemRoot\system32\drivers\HdAudio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HDAudBus]
"ImagePath"="\SystemRoot\System32\drivers\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidBatt]
"ImagePath"="\SystemRoot\System32\drivers\HidBatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidBth]
"ImagePath"="\SystemRoot\System32\drivers\hidbth.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hidi2c]
"ImagePath"="\SystemRoot\System32\drivers\hidi2c.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidIr]
"ImagePath"="\SystemRoot\System32\drivers\hidir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hidserv]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidUsb]
"ImagePath"="\SystemRoot\System32\drivers\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hkmsvc]
"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HomeGroupListener]
"ServiceDll"="%SystemRoot%\system32\ListSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HomeGroupProvider]
"ServiceDll"="%SystemRoot%\system32\provsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hpqcxs08]
"ServiceDll"="c:\program files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hpqddsvc]
"ServiceDll"="c:\program files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HpSAMD]
"ImagePath"="System32\drivers\HpSAMD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HPSLPSVC]
"ServiceDll"="c:\program files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTCAND64]
"ImagePath"="\SystemRoot\System32\Drivers\ANDROIDUSB.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTCMonitorService]
"ImagePath"="\"c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\htcnprot]
"ImagePath"="\SystemRoot\system32\DRIVERS\htcnprot.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTTP]
"ImagePath"="system32\drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hwpolicy]
"ImagePath"="System32\drivers\hwpolicy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hyperkbd]
"ImagePath"="\SystemRoot\System32\drivers\hyperkbd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HyperVideo]
"ImagePath"="\SystemRoot\system32\DRIVERS\HyperVideo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i8042prt]
"ImagePath"="\SystemRoot\System32\drivers\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iaStorA]
"ImagePath"="System32\drivers\iaStorA.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iaStorV]
"ImagePath"="System32\drivers\iaStorV.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IconMan_R]
"ImagePath"="\"c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iirsp]
"ImagePath"="System32\drivers\iirsp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IKEEXT]
"ServiceDll"="%SystemRoot%\System32\ikeext.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\inetaccs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\inspect]
"ImagePath"="\SystemRoot\system32\DRIVERS\inspect.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IntcAzAudAddService]
"ImagePath"="\SystemRoot\system32\drivers\RTKVHD64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Intel(R) Capability Licensing Service Interface]
"ImagePath"="\"c:\program files\Intel\iCLS Client\HeciServer.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Intel(R) ME Service]
"ImagePath"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\intelide]
"ImagePath"="System32\drivers\intelide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\intelppm]
"ImagePath"="\SystemRoot\System32\drivers\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iphlpsvc]
"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPMIDRV]
"ImagePath"="\SystemRoot\System32\drivers\IPMIDrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPNAT]
"ImagePath"="System32\drivers\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iPod Service]
"ImagePath"="\"c:\program files\iPod\bin\iPodService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IRENUM]
"ImagePath"="system32\drivers\irenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\isapnp]
"ImagePath"="System32\drivers\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iScsiPrt]
"ImagePath"="\SystemRoot\System32\drivers\msiscsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\jhi_service]
"ImagePath"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kbdclass]
"ImagePath"="\SystemRoot\System32\drivers\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kbdhid]
"ImagePath"="\SystemRoot\System32\drivers\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kdnic]
"ImagePath"="\SystemRoot\system32\DRIVERS\kdnic.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KeyIso]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KSecDD]
"ImagePath"="System32\Drivers\ksecdd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KSecPkg]
"ImagePath"="System32\Drivers\ksecpkg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ksthunk]
"ImagePath"="\SystemRoot\system32\drivers\ksthunk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KtmRm]
"ServiceDll"="%systemroot%\system32\msdtckrm.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanWorkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ldap]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lltdio]
"ImagePath"="\SystemRoot\system32\DRIVERS\lltdio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lltdsvc]
"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lmhosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LMS]
"ImagePath"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Lsa]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SAS]
"ImagePath"="System32\drivers\lsi_sas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SAS2]
"ImagePath"="System32\drivers\lsi_sas2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SCSI]
"ImagePath"="System32\drivers\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SSS]
"ImagePath"="System32\drivers\lsi_sss.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSM]
"ServiceDll"="%SystemRoot%\System32\lsm.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\luafv]
"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MBAMProtector]
"ImagePath"="\??\c:\windows\system32\drivers\mbam.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MBAMScheduler]
"ImagePath"="\"c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MBAMService]
"ImagePath"="\"c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\McOobeSv2]
"ImagePath"="\"c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe\" /McCoreSvc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\megasas]
"ImagePath"="System32\drivers\megasas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MegaSR]
"ImagePath"="System32\drivers\MegaSR.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MEIx64]
"ImagePath"="\SystemRoot\System32\drivers\HECIx64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mfebopk]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Microsoft SharePoint Workspace Audit Service]
"ImagePath"="\"c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE\" /auditservice"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MMCSS]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Modem]
"ImagePath"="system32\drivers\modem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\monitor]
"ImagePath"="\SystemRoot\System32\drivers\monitor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mouclass]
"ImagePath"="\SystemRoot\System32\drivers\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mouhid]
"ImagePath"="\SystemRoot\System32\drivers\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mountmgr]
"ImagePath"="System32\drivers\mountmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mpsdrv]
"ImagePath"="System32\drivers\mpsdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MpsSvc]
"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MRxDAV]
"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb10]
"ImagePath"="system32\DRIVERS\mrxsmb10.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb20]
"ImagePath"="system32\DRIVERS\mrxsmb20.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsBridge]
"ImagePath"="\SystemRoot\system32\DRIVERS\bridge.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSDTC]
"ImagePath"="%SystemRoot%\System32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSDTC Bridge 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Msfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msgpiowin32]
"ImagePath"="\SystemRoot\System32\drivers\msgpiowin32.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mshidkmdf]
"ImagePath"="\SystemRoot\System32\drivers\mshidkmdf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mshidumdf]
"ImagePath"="\SystemRoot\System32\drivers\mshidumdf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msisadrv]
"ImagePath"="System32\drivers\msisadrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSiSCSI]
"ServiceDll"="%systemroot%\system32\iscsiexe.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSKSSRV]
"ImagePath"="\SystemRoot\system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsLldp]
"ImagePath"="\SystemRoot\system32\DRIVERS\mslldp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSPCLOCK]
"ImagePath"="\SystemRoot\system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSPQM]
"ImagePath"="\SystemRoot\system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsRPC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSSCNTRS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mssmbios]
"ImagePath"="\SystemRoot\System32\drivers\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSTEE]
"ImagePath"="\SystemRoot\system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MTConfig]
"ImagePath"="\SystemRoot\System32\drivers\MTConfig.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Mup]
"ImagePath"="System32\Drivers\mup.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mvumis]
"ImagePath"="System32\drivers\mvumis.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\napagent]
"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NativeWifiP]
"ImagePath"="\SystemRoot\system32\DRIVERS\nwifi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NcaSvc]
"ServiceDll"="%SystemRoot%\System32\ncasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NcdAutoSetup]
"ServiceDll"="%SystemRoot%\System32\NcdAutoSetup.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDIS]
"ImagePath"="system32\drivers\ndis.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisCap]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndiscap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisImPlatform]
"ImagePath"="\SystemRoot\system32\DRIVERS\NdisImPlatform.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisTapi]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ndisuio]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisWan]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDISWANLEGACY]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDProxy]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ndu]
"ImagePath"="system32\drivers\Ndu.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Net Driver HPZ12]
"ServiceDll"="c:\windows\System32\HPZinw12.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT]
"ImagePath"="System32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netlogon]
"ImagePath"="%systemroot%\system32\lsass.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netprofm]
"ServiceDll"="%SystemRoot%\System32\netprofmsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetTcpPortSharing]
"ImagePath"="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetworkSupport]
"ImagePath"="\"c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nfrd960]
"ImagePath"="System32\drivers\nfrd960.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NlaSvc]
"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Npfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npsvctrig]
"ImagePath"="\SystemRoot\System32\drivers\npsvctrig.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nsi]
"ServiceDll"="%systemroot%\system32\nsisvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nsiproxy]
"ImagePath"="system32\drivers\nsiproxy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NTDS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ntfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Null]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvlddmkm]
"ImagePath"="\SystemRoot\system32\DRIVERS\nvlddmkm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvraid]
"ImagePath"="System32\drivers\nvraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvstor]
"ImagePath"="System32\drivers\nvstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nv_agp]
"ImagePath"="System32\drivers\nv_agp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ose]
"ImagePath"="\"c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\osppsvc]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Outlook]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Parport]
"ImagePath"="\SystemRoot\System32\drivers\parport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\partmgr]
"ImagePath"="System32\drivers\partmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PassThru Service]
"ImagePath"="c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PcaSvc]
"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pci]
"ImagePath"="System32\drivers\pci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pciide]
"ImagePath"="System32\drivers\pciide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pcmcia]
"ImagePath"="System32\drivers\pcmcia.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pcw]
"ImagePath"="System32\drivers\pcw.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdc]
"ImagePath"="system32\drivers\pdc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PEAUTH]
"ImagePath"="system32\drivers\peauth.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfHost]
"ImagePath"="%SystemRoot%\SysWow64\perfhost.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfNet]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfOS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfProc]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pla]
"ServiceDll"="%systemroot%\system32\pla.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PlugPlay]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PMBDeviceInfoProvider]
"ImagePath"="\"c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Pml Driver HPZ12]
"ServiceDll"="c:\windows\System32\HPZipm12.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PNRPAutoReg]
"ServiceDll"="%SystemRoot%\system32\pnrpauto.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PNRPsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PolicyAgent]
"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PortProxy]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Power]
"ServiceDll"="%SystemRoot%\system32\umpo.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PptpMiniport]
"ImagePath"="\SystemRoot\system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PrintNotify]
"ServiceDll"="c:\windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Processor]
"ImagePath"="\SystemRoot\System32\drivers\processr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ProfSvc]
"ServiceDll"="%systemroot%\system32\profsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Psched]
"ImagePath"="\SystemRoot\system32\DRIVERS\pacer.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\QWAVE]
"ServiceDll"="%windir%\system32\qwave.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\QWAVEdrv]
"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasAgileVpn]
"ImagePath"="\SystemRoot\system32\DRIVERS\AgileVpn.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Rasl2tp]
"ImagePath"="\SystemRoot\system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasPppoe]
"ImagePath"="\SystemRoot\system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasSstp]
"ImagePath"="\SystemRoot\system32\DRIVERS\rassstp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDMANDK]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdpbus]
"ImagePath"="\SystemRoot\System32\drivers\rdpbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPDR]
"ImagePath"="System32\drivers\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPNP]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPUDD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RdpVideoMiniport]
"ImagePath"="System32\drivers\rdpvideominiport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPWD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdyboost]
"ImagePath"="System32\drivers\rdyboost.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RemoteAccess]
"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RFCOMM]
"ImagePath"="\SystemRoot\System32\drivers\rfcomm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcEptMapper]
"ServiceDll"="%SystemRoot%\System32\RpcEpMap.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RSPCIESTOR]
"ImagePath"="\SystemRoot\system32\DRIVERS\RtsPStor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rspndr]
"ImagePath"="\SystemRoot\system32\DRIVERS\rspndr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RTL8168]
"ImagePath"="\SystemRoot\system32\DRIVERS\Rt630x64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\s3cap]
"ImagePath"="\SystemRoot\System32\drivers\vms3cap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sbp2port]
"ImagePath"="System32\drivers\sbp2port.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCardSvr]
"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\scfilter]
"ImagePath"="System32\DRIVERS\scfilter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Schedule]
"ServiceDll"="%systemroot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCPolicySvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sdbus]
"ImagePath"="\SystemRoot\System32\drivers\sdbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SDRSVC]
"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sdstor]
"ImagePath"="\SystemRoot\System32\drivers\sdstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\secdrv]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\seclogon]
"ServiceDll"="%windir%\system32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\System32\sens.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SensrSvc]
"ServiceDll"="%SystemRoot%\system32\sensrsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SerCx]
"ImagePath"="system32\drivers\SerCx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Serenum]
"ImagePath"="\SystemRoot\System32\drivers\serenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Serial]
"ImagePath"="\SystemRoot\System32\drivers\serial.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sermouse]
"ImagePath"="\SystemRoot\System32\drivers\sermouse.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SessionEnv]
"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SFEP]
"ImagePath"="\SystemRoot\System32\drivers\SFEP.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sfloppy]
"ImagePath"="\SystemRoot\System32\drivers\sfloppy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SiSRaid2]
"ImagePath"="System32\drivers\SiSRaid2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SiSRaid4]
"ImagePath"="System32\drivers\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SmbDrvI]
"ImagePath"="\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SMSvcHost 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMPTRAP]
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SOHCImp]
"ImagePath"="\"c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SOHDms]
"ImagePath"="\"c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SOHDs]
"ImagePath"="\"c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SOWS]
"ImagePath"="\SystemRoot\System32\drivers\sows.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\spaceport]
"ImagePath"="System32\drivers\spaceport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SpbCx]
"ImagePath"="system32\drivers\SpbCx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SpfService]
"ImagePath"="\"c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sppsvc]
"ImagePath"="%SystemRoot%\system32\sppsvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srv]
"ImagePath"="System32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srv2]
"ImagePath"="System32\DRIVERS\srv2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srvnet]
"ImagePath"="System32\DRIVERS\srvnet.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SstpSvc]
"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\stexstor]
"ImagePath"="System32\drivers\stexstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\storahci]
"ImagePath"="System32\drivers\storahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\storflt]
"ImagePath"="system32\DRIVERS\vmstorfl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\StorSvc]
"ServiceDll"="%SystemRoot%\system32\storsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\storvsc]
"ImagePath"="System32\drivers\storvsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\svsvc]
"ServiceDll"="%SystemRoot%\system32\svsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\swenum]
"ImagePath"="\SystemRoot\System32\drivers\swenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\swprv]
"ServiceDll"="%Systemroot%\System32\swprv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SynTP]
"ImagePath"="\SystemRoot\system32\DRIVERS\SynTP.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SysMain]
"ServiceDll"="%systemroot%\system32\sysmain.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SystemEventsBroker]
"ServiceDll"="%SystemRoot%\System32\SystemEventsBrokerServer.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TabletInputService]
"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip]
"ImagePath"="System32\drivers\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPIP6]
"ImagePath"="\SystemRoot\system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPIP6TUNNEL]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tcpipreg]
"ImagePath"="System32\drivers\tcpipreg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPIPTUNNEL]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdx]
"ImagePath"="system32\DRIVERS\tdx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\terminpt]
"ImagePath"="\SystemRoot\System32\drivers\terminpt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\system32\themeservice.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\THREADORDER]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TimeBroker]
"ServiceDll"="%SystemRoot%\System32\TimeBrokerServer.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TPM]
"ImagePath"="\SystemRoot\system32\drivers\tpm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\System32\trkwks.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustedInstaller]
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TSDDD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TsUsbFlt]
"ImagePath"="system32\drivers\tsusbflt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TsUsbGD]
"ImagePath"="\SystemRoot\System32\drivers\TsUsbGD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tunnel]
"ImagePath"="\SystemRoot\system32\DRIVERS\tunnel.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uagp35]
"ImagePath"="System32\drivers\uagp35.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UASPStor]
"ImagePath"="\SystemRoot\System32\drivers\uaspstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UCX01000]
"ImagePath"="\SystemRoot\System32\drivers\ucx01000.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\udfs]
"ImagePath"="system32\DRIVERS\udfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UGatherer]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UGTHRSVC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UI0Detect]
"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uliagpkx]
"ImagePath"="System32\drivers\uliagpkx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\umbus]
"ImagePath"="\SystemRoot\System32\drivers\umbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UmPass]
"ImagePath"="\SystemRoot\System32\drivers\umpass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UmRdpService]
"ServiceDll"="%SystemRoot%\System32\umrdp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UNS]
"ImagePath"="\"c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbccgp]
"ImagePath"="\SystemRoot\System32\drivers\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbcir]
"ImagePath"="\SystemRoot\System32\drivers\usbcir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbehci]
"ImagePath"="\SystemRoot\System32\drivers\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbhub]
"ImagePath"="\SystemRoot\System32\drivers\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\USBHUB3]
"ImagePath"="\SystemRoot\System32\drivers\UsbHub3.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbohci]
"ImagePath"="\SystemRoot\System32\drivers\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbprint]
"ImagePath"="\SystemRoot\System32\drivers\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbscan]
"ImagePath"="\SystemRoot\system32\DRIVERS\usbscan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\USBSTOR]
"ImagePath"="\SystemRoot\System32\drivers\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbuhci]
"ImagePath"="\SystemRoot\System32\drivers\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbvideo]
"ImagePath"="\SystemRoot\System32\Drivers\usbvideo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\USBXHCI]
"ImagePath"="\SystemRoot\System32\drivers\USBXHCI.SYS"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VAIO Event Service]
"ImagePath"="\"c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VAIO Power Management]
"ImagePath"="\"c:\program files\Sony\VAIO Power Management\SPMService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VaultSvc]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VCFw]
"ImagePath"="\"c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VCService]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdrvroot]
"ImagePath"="System32\drivers\vdrvroot.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vds]
"ImagePath"="%SystemRoot%\System32\vds.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VerifierExt]
"ImagePath"="system32\drivers\VerifierExt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vhdmp]
"ImagePath"="\SystemRoot\System32\drivers\vhdmp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\viaide]
"ImagePath"="System32\drivers\viaide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmbus]
"ImagePath"="System32\drivers\vmbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VMBusHID]
"ImagePath"="\SystemRoot\System32\drivers\VMBusHID.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmicheartbeat]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmickvpexchange]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmicrdv]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmicshutdown]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmictimesync]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmicvss]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volmgr]
"ImagePath"="System32\drivers\volmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volmgrx]
"ImagePath"="System32\drivers\volmgrx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volsnap]
"ImagePath"="System32\drivers\volsnap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vpci]
"ImagePath"="\SystemRoot\System32\drivers\vpci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vsmraid]
"ImagePath"="System32\drivers\vsmraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSS]
"ImagePath"="%systemroot%\system32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSTXRAID]
"ImagePath"="System32\drivers\vstxraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VUAgent]
"ImagePath"="\"c:\program files\Sony\VAIO Update\VUAgent.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vwifibus]
"ImagePath"="\SystemRoot\System32\drivers\vwifibus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vwififlt]
"ImagePath"="\SystemRoot\system32\DRIVERS\vwififlt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vwifimp]
"ImagePath"="\SystemRoot\system32\DRIVERS\vwifimp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WacomPen]
"ImagePath"="\SystemRoot\System32\drivers\wacompen.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wanarp]
"ImagePath"="\SystemRoot\system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wanarpv6]
"ImagePath"="\SystemRoot\system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wbengine]
"ImagePath"="\"%systemroot%\system32\wbengine.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WbioSrvc]
"ServiceDll"="%SystemRoot%\System32\wbiosrvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wcmsvc]
"ServiceDll"="%SystemRoot%\System32\wcmsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wcncsvc]
"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WcsPlugInService]
"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wd]
"ImagePath"="System32\drivers\wd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdBoot]
"ImagePath"="\SystemRoot\system32\drivers\WdBoot.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wdf01000]
"ImagePath"="system32\drivers\Wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdFilter]
"ImagePath"="\SystemRoot\system32\drivers\WdFilter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdiServiceHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdiSystemHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wecsvc]
"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wercplsupport]
"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WerSvc]
"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WFPLWFS]
"ImagePath"="system32\DRIVERS\wfplwfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WiaRpc]
"ServiceDll"="%SystemRoot%\System32\wiarpc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WIMMount]
"ImagePath"="system32\drivers\wimmount.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDefend]
"ImagePath"="%ProgramFiles%\Windows Defender\MsMpEng.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Workflow Foundation 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinHttpAutoProxySvc]
"ServiceDll"="%SystemRoot%\system32\winhttp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winsock]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinUsb]
"ImagePath"="\SystemRoot\system32\DRIVERS\WinUsb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WlanSvc]
"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wlidsvc]
"ServiceDll"="%SystemRoot%\system32\wlidsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiAcpi]
"ImagePath"="\SystemRoot\System32\drivers\wmiacpi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wmiApSrv]
"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WMPNetworkSvc]
"ImagePath"="\"%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\workerdd]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wpcfltr]
"ImagePath"="system32\DRIVERS\wpcfltr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WPCSvc]
"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WPDBusEnum]
"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WpdUpFltr]
"ImagePath"="System32\drivers\WpdUpFltr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ws2ifsl]
"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSearch]
"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSearchIdxPi]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSService]
"ServiceDll"="%SystemRoot%\System32\WSService.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuaueng.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WudfPf]
"ImagePath"="system32\drivers\WudfPf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFRd]
"ImagePath"="\SystemRoot\System32\drivers\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFSensorLP]
"ImagePath"="\SystemRoot\system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wudfsvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFWpdFs]
"ImagePath"="\SystemRoot\system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFWpdMtp]
"ImagePath"="\SystemRoot\system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WwanSvc]
"ServiceDll"="%SystemRoot%\System32\wwansvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\xmlprov]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZAtheros Bt and Wlan Coex Agent]
"ImagePath"="c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{24A81BF4-0E10-4C27-8267-57457FE0AAAF}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{6F9BC21C-C0D5-4C8B-9D6B-1BC1E44614A0}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{C02CAB3E-C922-4371-A1DD-E72CF76EF979}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{FE5B7D82-DFC8-4B41-B6E1-F5095F58894B}]
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-08-23  17:40:31
ComboFix-quarantined-files.txt  2013-08-23 15:40
.
Vor Suchlauf: 12 Verzeichnis(se), 900.028.833.792 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 901.355.536.384 Bytes frei
.
- - End Of File - - 2D71222EF2F7F32F51A6BBC4F807EF73

Annyso 23.08.2013 16:47
Hallo Schrauber,
hier das combofix Log:

Code:
ComboFix 13-08-22.01 - Annika 23.08.2013  17:10:42.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.8139.6468 [GMT 2:00]
ausgeführt von:: c:\users\Annika\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPly.xpi
c:\program files (x86)\DealPly\DealPlyIE.dll
c:\program files (x86)\DealPly\DealPlyIE64.dll
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\DealPlyUpdateVer.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\programdata\BrowserDefender
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm
c:\users\Annika\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Annika\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\Annika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-07-23 bis 2013-08-23  ))))))))))))))))))))))))))))))
.
.
2013-08-23 15:24 . 2013-08-23 15:24        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-08-23 10:21 . 2013-08-23 10:21        --------        d-----w-        C:\FRST
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\users\Annika\AppData\Local\DealPlyLive
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\programdata\DealPlyLive
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\program files (x86)\DealPlyLive
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\users\Annika\AppData\Roaming\Dealply
2013-08-23 10:19 . 2013-08-23 10:19        --------        d-----w-        c:\users\Annika\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-23 10:18 . 2013-08-23 10:18        --------        d-----w-        c:\users\Annika\AppData\Roaming\DSite
2013-08-23 10:18 . 2013-08-23 10:18        --------        d-----w-        c:\program files (x86)\OpenIt
2013-08-23 10:16 . 2013-08-23 10:16        --------        d-----w-        c:\users\Annika\AppData\Roaming\BabSolution
2013-08-23 10:16 . 2013-08-23 10:17        --------        d-----w-        c:\program files (x86)\Optimizer Pro
2013-08-23 10:16 . 2013-08-23 10:16        --------        d-----w-        c:\users\Annika\AppData\Roaming\Babylon
2013-08-23 10:16 . 2013-08-23 10:16        --------        d-----w-        c:\programdata\Babylon
2013-08-22 16:37 . 2013-08-22 16:37        --------        d-----w-        c:\users\Annika\AppData\Roaming\Malwarebytes
2013-08-22 16:36 . 2013-08-22 16:36        --------        d-----w-        c:\programdata\Malwarebytes
2013-08-22 16:36 . 2013-08-22 16:36        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-22 16:36 . 2013-04-04 12:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-08-22 16:36 . 2013-08-22 16:36        --------        d-----w-        c:\users\Annika\AppData\Local\Programs
2013-08-20 08:42 . 2013-08-20 08:42        240304        ----a-w-        c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-15 09:42 . 2013-07-09 06:07        2233168        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-08-15 09:40 . 2013-07-13 06:18        337408        ----a-w-        c:\windows\system32\wintrust.dll
2013-08-15 09:40 . 2013-07-13 06:16        68096        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-08-15 09:40 . 2013-07-13 06:16        1889280        ----a-w-        c:\windows\system32\crypt32.dll
2013-08-15 09:40 . 2013-07-13 06:15        98304        ----a-w-        c:\windows\system32\apprepsync.dll
2013-08-15 09:40 . 2013-07-13 06:15        124416        ----a-w-        c:\windows\system32\apprepapi.dll
2013-08-15 09:40 . 2013-07-13 04:24        261120        ----a-w-        c:\windows\SysWow64\wintrust.dll
2013-08-15 09:40 . 2013-07-13 04:23        1568256        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-08-15 09:40 . 2013-07-13 04:23        87040        ----a-w-        c:\windows\SysWow64\apprepapi.dll
2013-08-15 09:40 . 2013-07-13 04:23        74240        ----a-w-        c:\windows\SysWow64\apprepsync.dll
2013-08-13 11:50 . 2013-08-13 11:50        --------        d-----w-        c:\program files\iPod
2013-08-13 11:50 . 2013-08-13 11:50        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 11:50 . 2013-08-13 11:50        --------        d-----w-        c:\program files\iTunes
2013-08-13 11:50 . 2013-08-13 11:50        --------        d-----w-        c:\program files (x86)\iTunes
2013-07-31 11:27 . 2013-08-15 11:51        --------        d-----w-        c:\windows\system32\MRT
2013-07-26 19:36 . 2013-07-26 19:36        --------        d-----w-        c:\program files (x86)\Common Files\COMODO
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-15 11:50 . 2012-12-28 10:12        78161360        ----a-w-        c:\windows\system32\MRT.exe
2013-08-05 21:57 . 2013-06-05 12:07        48392        ----a-w-        c:\windows\SysWow64\certsentry.dll
2013-08-05 21:57 . 2012-12-30 16:59        57096        ----a-w-        c:\windows\system32\certsentry.dll
2013-07-08 20:59 . 2012-12-14 19:45        713776        ----a-w-        c:\windows\system32\drivers\cmdguard.sys
2013-06-27 22:04 . 2012-07-26 08:14        78200        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-07-26 08:14        693112        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-18 15:16 . 2012-12-14 19:45        118400        ----a-w-        c:\windows\system32\drivers\inspect.sys
2013-06-18 15:16 . 2012-12-14 19:45        37560        ----a-w-        c:\windows\system32\drivers\cmdhlp.sys
2013-06-18 15:16 . 2012-12-14 19:45        23168        ----a-w-        c:\windows\system32\drivers\cmderd.sys
2013-06-18 15:15 . 2012-12-14 19:45        43216        ----a-w-        c:\windows\system32\cmdcsr.dll
2013-06-18 15:15 . 2012-12-14 19:45        348584        ----a-w-        c:\windows\SysWow64\guard32.dll
2013-06-18 15:15 . 2012-12-14 19:45        437688        ----a-w-        c:\windows\system32\guard64.dll
2013-06-18 15:15 . 2012-12-14 19:45        344792        ----a-w-        c:\windows\system32\cmdvrt64.dll
2013-06-18 15:15 . 2012-09-04 18:22        45784        ----a-w-        c:\windows\system32\cmdkbd64.dll
2013-06-18 15:15 . 2012-12-14 19:45        278232        ----a-w-        c:\windows\SysWow64\cmdvrt32.dll
2013-06-18 15:15 . 2012-09-04 18:07        40664        ----a-w-        c:\windows\SysWow64\cmdkbd32.dll
2013-06-16 22:41 . 2013-07-16 19:40        997632        ----a-w-        c:\windows\system32\drivers\ndis.sys
2013-06-13 06:09 . 2013-06-13 06:09        55496        ----a-w-        c:\windows\SysWow64\offreg.dll
2013-06-01 11:54 . 2013-07-16 19:40        194816        ----a-w-        c:\windows\system32\drivers\sdbus.sys
2013-06-01 11:54 . 2013-07-16 19:40        125184        ----a-w-        c:\windows\system32\drivers\dumpsd.sys
2013-06-01 11:34 . 2013-07-16 19:40        2391280        ----a-w-        c:\windows\explorer.exe
2013-06-01 11:29 . 2013-07-16 19:40        337152        ----a-w-        c:\windows\system32\drivers\USBXHCI.SYS
2013-06-01 11:29 . 2013-07-16 19:40        213248        ----a-w-        c:\windows\system32\drivers\UCX01000.SYS
2013-06-01 11:26 . 2013-07-16 19:40        327936        ----a-w-        c:\windows\system32\drivers\volsnap.sys
2013-06-01 11:26 . 2013-07-16 19:40        6987008        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-06-01 10:24 . 2013-07-16 19:40        2106176        ----a-w-        c:\windows\SysWow64\explorer.exe
2013-06-01 09:25 . 2013-07-16 19:40        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-06-01 09:25 . 2013-07-16 19:40        67584        ----a-w-        c:\windows\SysWow64\samlib.dll
2013-06-01 09:25 . 2013-07-16 16:20        496640        ----a-w-        c:\windows\SysWow64\qedit.dll
2013-06-01 09:24 . 2013-07-16 19:40        493056        ----a-w-        c:\windows\SysWow64\mscms.dll
2013-06-01 09:24 . 2013-07-16 19:40        1453568        ----a-w-        c:\windows\SysWow64\mfcore.dll
2013-06-01 09:24 . 2013-07-16 19:40        850944        ----a-w-        c:\windows\SysWow64\mfasfsrcsnk.dll
2013-06-01 09:23 . 2013-07-16 19:40        1842176        ----a-w-        c:\windows\SysWow64\dwmcore.dll
2013-06-01 09:23 . 2013-07-16 19:40        680960        ----a-w-        c:\windows\system32\vds.exe
2013-06-01 09:22 . 2013-07-16 19:40        80896        ----a-w-        c:\windows\system32\MbaeParserTask.exe
2013-06-01 09:22 . 2013-07-16 19:40        523264        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-06-01 09:22 . 2013-07-16 19:40        446976        ----a-w-        c:\windows\system32\wwansvc.dll
2013-06-01 09:22 . 2013-07-16 19:40        190976        ----a-w-        c:\windows\system32\vdsutil.dll
2013-06-01 09:21 . 2013-07-16 19:40        729600        ----a-w-        c:\windows\system32\samsrv.dll
2013-06-01 09:21 . 2013-07-16 19:40        106496        ----a-w-        c:\windows\system32\samlib.dll
2013-06-01 09:21 . 2013-07-16 16:20        595968        ----a-w-        c:\windows\system32\qedit.dll
2013-06-01 09:20 . 2013-07-16 19:40        583168        ----a-w-        c:\windows\system32\mscms.dll
2013-06-01 09:20 . 2013-07-16 19:40        1527808        ----a-w-        c:\windows\system32\mfcore.dll
2013-06-01 09:20 . 2013-07-16 19:40        1048576        ----a-w-        c:\windows\system32\mfasfsrcsnk.dll
2013-06-01 09:20 . 2013-07-16 19:40        2219520        ----a-w-        c:\windows\system32\dwmcore.dll
2013-06-01 09:19 . 2013-07-16 19:40        207872        ----a-w-        c:\windows\system32\DeviceSetupManager.dll
2013-06-01 09:19 . 2013-07-16 19:40        785408        ----a-w-        c:\windows\system32\audiosrv.dll
2013-06-01 03:08 . 2013-07-16 19:40        37632        ----a-w-        c:\windows\system32\drivers\BthAvrcpTg.sys
2013-05-30 23:24 . 2013-06-19 19:20        1257472        ----a-w-        c:\windows\system32\kernel32.dll
2013-05-30 23:14 . 2013-07-16 16:21        4036096        ----a-w-        c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-06-28 14:56        279552        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2011-4-29 276328]
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-7-24 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceActiveDesktopOn"= 0 (0x0)
"NoActiveDesktopChanges"= 1 (0x1)
"NoActiveDesktop"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/10/29 10:28;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 McOobeSv2;McAfee OOBE Service2;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\System32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdhlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Service;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-31 15:58        1173456        ----a-w-        c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2012-12-18 19:08        215264        ----a-w-        c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-29 17:29]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 16:33]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-29 16:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-06-28 14:56        339456        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-20 1214608]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-10-09 64640]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-10-09 765056]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-10-09 127616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=6E19083E8EDE7D6A&affID=119357&tsp=4983
uDefault_Page_URL = hxxp://sony13.msn.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: Interfaces\{24A81BF4-0E10-4C27-8267-57457FE0AAAF}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}\5416379724F687D2536324036423: NameServer = 156.154.70.22,156.154.71.22
.
.
------- Dateityp-Verknüpfung -------
.
regedit=regedit.exe "%1"
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET CLR Networking 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NET Memory Cache 4.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\1394ohci]
"ImagePath"="\SystemRoot\System32\drivers\1394ohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\3ware]
"ImagePath"="System32\drivers\3ware.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ACPI]
"ImagePath"="System32\drivers\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\acpiex]
"ImagePath"="System32\Drivers\acpiex.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\acpipagr]
"ImagePath"="\SystemRoot\System32\drivers\acpipagr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AcpiPmi]
"ImagePath"="\SystemRoot\System32\drivers\acpipmi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\acpitime]
"ImagePath"="\SystemRoot\System32\drivers\acpitime.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AdobeARMservice]
"ImagePath"="\"c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adp94xx]
"ImagePath"="System32\drivers\adp94xx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adpahci]
"ImagePath"="System32\drivers\adpahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adpu320]
"ImagePath"="System32\drivers\adpu320.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\adsi]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AeLookupSvc]
"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\system32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\agp440]
"ImagePath"="System32\drivers\agp440.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AllUserInstallAgent]
"ServiceDLL"="%SystemRoot%\system32\AUInstallAgent.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AMD External Events Utility]
"ImagePath"="%SystemRoot%\system32\atiesrxx.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AmdK8]
"ImagePath"="\SystemRoot\System32\drivers\amdk8.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdkmdag]
"ImagePath"="\SystemRoot\system32\DRIVERS\atikmdag.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdkmdap]
"ImagePath"="\SystemRoot\system32\DRIVERS\atikmpag.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AmdPPM]
"ImagePath"="\SystemRoot\System32\drivers\amdppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdsata]
"ImagePath"="System32\drivers\amdsata.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdsbs]
"ImagePath"="System32\drivers\amdsbs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amdxata]
"ImagePath"="System32\drivers\amdxata.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppID]
"ImagePath"="\SystemRoot\system32\drivers\appid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppIDSvc]
"ServiceDll"="%SystemRoot%\System32\appidsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Appinfo]
"ServiceDll"="%SystemRoot%\System32\appinfo.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Apple Mobile Device]
"ImagePath"="\"c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\arc]
"ImagePath"="System32\drivers\arc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\arcsas]
"ImagePath"="System32\drivers\arcsas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi]
"ImagePath"="System32\drivers\atapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AthBTPort]
"ImagePath"="\SystemRoot\system32\DRIVERS\btath_flt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ATHDFU]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AtherosSvc]
"ImagePath"="c:\program files (x86)\Bluetooth Suite\adminservice.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\athr]
"ImagePath"="\SystemRoot\system32\DRIVERS\athw8x.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Atierecord]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AtiHDAudioService]
"ImagePath"="\SystemRoot\system32\drivers\AtihdW86.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AudioEndpointBuilder]
"ServiceDll"="%SystemRoot%\System32\AudioEndpointBuilder.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Audiosrv]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AxInstSV]
"ServiceDll"="%SystemRoot%\System32\AxInstSV.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\b06bdrv]
"ImagePath"="System32\drivers\bxvbda.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BasicDisplay]
"ImagePath"="\SystemRoot\System32\drivers\BasicDisplay.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BasicRender]
"ImagePath"="\SystemRoot\System32\drivers\BasicRender.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BattC]
"MofImagePath"="system32\drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BBSvc]
"ImagePath"="c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BBUpdate]
"ImagePath"="c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BDESVC]
"ServiceDll"="%SystemRoot%\System32\bdesvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Beep]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BFE]
"ServiceDll"="%SystemRoot%\System32\bfe.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BITS]
"ServiceDll"="%SystemRoot%\System32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bonjour Service]
"ImagePath"="\"c:\program files\Bonjour\mDNSResponder.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bowser]
"ImagePath"="system32\DRIVERS\bowser.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BrokerInfrastructure]
"ServiceDll"="%SystemRoot%\System32\bisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_A2DP]
"ImagePath"="\SystemRoot\system32\drivers\btath_a2dp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\btath_avdt]
"ImagePath"="\SystemRoot\system32\drivers\btath_avdt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_BUS]
"ImagePath"="\SystemRoot\System32\drivers\btath_bus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_HCRP]
"ImagePath"="\SystemRoot\System32\drivers\btath_hcrp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_LWFLT]
"ImagePath"="\SystemRoot\system32\DRIVERS\btath_lwflt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_RCP]
"ImagePath"="\SystemRoot\System32\drivers\btath_rcp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_SCO]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTATH_VDP]
"ImagePath"="\SystemRoot\system32\drivers\btath_vdp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BtFilter]
"ImagePath"="\SystemRoot\system32\DRIVERS\btfilter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthAvrcpTg]
"ImagePath"="\SystemRoot\System32\drivers\BthAvrcpTg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthEnum]
"ImagePath"="\SystemRoot\System32\drivers\BthEnum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthHFEnum]
"ImagePath"="\SystemRoot\System32\drivers\bthhfenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bthhfhid]
"ImagePath"="\SystemRoot\System32\drivers\BthHFHid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthLEEnum]
"ImagePath"="\SystemRoot\system32\DRIVERS\BthLEEnum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHMODEM]
"ImagePath"="\SystemRoot\System32\drivers\bthmodem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BthPan]
"ImagePath"="\SystemRoot\system32\DRIVERS\bthpan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT]
"ImagePath"="\SystemRoot\System32\Drivers\BTHport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bthserv]
"ServiceDll"="%SystemRoot%\system32\bthserv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHUSB]
"ImagePath"="\SystemRoot\System32\Drivers\BTHUSB.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\combofix\catchme.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cdfs]
"ImagePath"="system32\DRIVERS\cdfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cdrom]
"ImagePath"="\SystemRoot\System32\drivers\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CertPropSvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CFRMD]
"ImagePath"="system32\DRIVERS\CFRMD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\circlass]
"ImagePath"="\SystemRoot\System32\drivers\circlass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLFS]
"ImagePath"="System32\drivers\CLFS.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLKMSVC10_9EC60124]
"ImagePath"="\"c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe\" /svc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLPSLauncher]
"ImagePath"="\"c:\program files (x86)\Common Files\COMODO\launcher_service.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v2.0.50727_32]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v2.0.50727_64]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v4.0.30319_32]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\clr_optimization_v4.0.30319_64]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CLVirtualDrive]
"ImagePath"="\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmBatt]
"ImagePath"="\SystemRoot\System32\drivers\CmBatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdAgent]
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmderd]
"ImagePath"="System32\DRIVERS\cmderd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdGuard]
"ImagePath"="system32\DRIVERS\cmdguard.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdhlp]
"ImagePath"="\SystemRoot\system32\DRIVERS\cmdhlp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdvirth]
"ImagePath"="\"c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CNG]
"ImagePath"="System32\Drivers\cng.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CngHwAssist]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CompositeBus]
"ImagePath"="\SystemRoot\System32\drivers\CompositeBus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\condrv]
"ImagePath"="System32\drivers\condrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\crypt32]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dam]
"ImagePath"="system32\drivers\dam.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DCLocator]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\defragsvc]
"ServiceDll"="%Systemroot%\System32\defragsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DeviceAssociationService]
"ServiceDll"="%SystemRoot%\system32\das.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DeviceInstall]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dfsc]
"ImagePath"="System32\Drivers\dfsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\system32\dhcpcore.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\discache]
"ImagePath"="System32\drivers\discache.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\disk]
"ImagePath"="System32\drivers\disk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dmvsc]
"ImagePath"="\SystemRoot\System32\drivers\dmvsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dot4]
"ImagePath"="\SystemRoot\system32\DRIVERS\Dot4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dot4Print]
"ImagePath"="\SystemRoot\System32\drivers\Dot4Prt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dot4usb]
"ImagePath"="\SystemRoot\system32\DRIVERS\dot4usb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DPS]
"ServiceDll"="%SystemRoot%\system32\dps.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DragonUpdater]
"ImagePath"="c:\program files (x86)\Comodo\Dragon\dragon_updater.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\drmkaud]
"ImagePath"="\SystemRoot\system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DsmSvc]
"ServiceDll"="%SystemRoot%\System32\DeviceSetupManager.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DXGKrnl]
"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\e1yexpress]
"ImagePath"="\SystemRoot\system32\DRIVERS\e1y60x64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eaphost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ebdrv]
"ImagePath"="System32\drivers\evbda.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EFS]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EhStorClass]
"ImagePath"="System32\drivers\EhStorClass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EhStorTcgDrv]
"ImagePath"="System32\drivers\EhStorTcgDrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ErrDev]
"ImagePath"="\SystemRoot\System32\drivers\errdev.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ESENT]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog]
"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventSystem]
"ServiceDll"="%systemroot%\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\exfat]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fastfat]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Fax]
"ImagePath"="%systemroot%\system32\fxssvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fdc]
"ImagePath"="\SystemRoot\System32\drivers\fdc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fdPHost]
"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FDResPub]
"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fhsvc]
"ServiceDll"="%SystemRoot%\system32\fhsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FileInfo]
"ImagePath"="System32\drivers\fileinfo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Filetrace]
"ImagePath"="system32\drivers\filetrace.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\flpydisk]
"ImagePath"="\SystemRoot\System32\drivers\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FontCache]
"ServiceDll"="%SystemRoot%\system32\FntCache.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FontCache3.0.0.0]
"ImagePath"="%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FsDepends]
"ImagePath"="System32\drivers\FsDepends.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\fvevol]
"ImagePath"="System32\DRIVERS\fvevol.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FxPPM]
"ImagePath"="\SystemRoot\System32\drivers\fxppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gagp30kx]
"ImagePath"="System32\drivers\gagp30kx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GamesAppService]
"ImagePath"="\"c:\program files (x86)\WildTangent Games\App\GamesAppService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GEARAspiWDM]
"ImagePath"="\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GeekBuddyRSP]
"ImagePath"="\"c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe\" -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gencounter]
"ImagePath"="\SystemRoot\System32\drivers\vmgencounter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GPIOClx0101]
"ImagePath"="System32\Drivers\msgpioclx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gpsvc]
"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gupdate]
"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /svc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gupdatem]
"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /medsvc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\gusvc]
"ImagePath"="\"c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HdAudAddService]
"ImagePath"="\SystemRoot\system32\drivers\HdAudio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HDAudBus]
"ImagePath"="\SystemRoot\System32\drivers\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidBatt]
"ImagePath"="\SystemRoot\System32\drivers\HidBatt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidBth]
"ImagePath"="\SystemRoot\System32\drivers\hidbth.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hidi2c]
"ImagePath"="\SystemRoot\System32\drivers\hidi2c.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidIr]
"ImagePath"="\SystemRoot\System32\drivers\hidir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hidserv]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HidUsb]
"ImagePath"="\SystemRoot\System32\drivers\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hkmsvc]
"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HomeGroupListener]
"ServiceDll"="%SystemRoot%\system32\ListSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HomeGroupProvider]
"ServiceDll"="%SystemRoot%\system32\provsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hpqcxs08]
"ServiceDll"="c:\program files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hpqddsvc]
"ServiceDll"="c:\program files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HpSAMD]
"ImagePath"="System32\drivers\HpSAMD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HPSLPSVC]
"ServiceDll"="c:\program files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTCAND64]
"ImagePath"="\SystemRoot\System32\Drivers\ANDROIDUSB.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTCMonitorService]
"ImagePath"="\"c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\htcnprot]
"ImagePath"="\SystemRoot\system32\DRIVERS\htcnprot.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTTP]
"ImagePath"="system32\drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hwpolicy]
"ImagePath"="System32\drivers\hwpolicy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\hyperkbd]
"ImagePath"="\SystemRoot\System32\drivers\hyperkbd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HyperVideo]
"ImagePath"="\SystemRoot\system32\DRIVERS\HyperVideo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\i8042prt]
"ImagePath"="\SystemRoot\System32\drivers\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iaStorA]
"ImagePath"="System32\drivers\iaStorA.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iaStorV]
"ImagePath"="System32\drivers\iaStorV.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IconMan_R]
"ImagePath"="\"c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iirsp]
"ImagePath"="System32\drivers\iirsp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IKEEXT]
"ServiceDll"="%SystemRoot%\System32\ikeext.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\inetaccs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\inspect]
"ImagePath"="\SystemRoot\system32\DRIVERS\inspect.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IntcAzAudAddService]
"ImagePath"="\SystemRoot\system32\drivers\RTKVHD64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Intel(R) Capability Licensing Service Interface]
"ImagePath"="\"c:\program files\Intel\iCLS Client\HeciServer.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Intel(R) ME Service]
"ImagePath"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\intelide]
"ImagePath"="System32\drivers\intelide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\intelppm]
"ImagePath"="\SystemRoot\System32\drivers\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iphlpsvc]
"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPMIDRV]
"ImagePath"="\SystemRoot\System32\drivers\IPMIDrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IPNAT]
"ImagePath"="System32\drivers\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iPod Service]
"ImagePath"="\"c:\program files\iPod\bin\iPodService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\IRENUM]
"ImagePath"="system32\drivers\irenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\isapnp]
"ImagePath"="System32\drivers\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\iScsiPrt]
"ImagePath"="\SystemRoot\System32\drivers\msiscsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\jhi_service]
"ImagePath"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kbdclass]
"ImagePath"="\SystemRoot\System32\drivers\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kbdhid]
"ImagePath"="\SystemRoot\System32\drivers\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kdnic]
"ImagePath"="\SystemRoot\system32\DRIVERS\kdnic.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KeyIso]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KSecDD]
"ImagePath"="System32\Drivers\ksecdd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KSecPkg]
"ImagePath"="System32\Drivers\ksecpkg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ksthunk]
"ImagePath"="\SystemRoot\system32\drivers\ksthunk.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\KtmRm]
"ServiceDll"="%systemroot%\system32\msdtckrm.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LanmanWorkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ldap]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lltdio]
"ImagePath"="\SystemRoot\system32\DRIVERS\lltdio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lltdsvc]
"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lmhosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LMS]
"ImagePath"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Lsa]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SAS]
"ImagePath"="System32\drivers\lsi_sas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SAS2]
"ImagePath"="System32\drivers\lsi_sas2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SCSI]
"ImagePath"="System32\drivers\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSI_SSS]
"ImagePath"="System32\drivers\lsi_sss.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\LSM]
"ServiceDll"="%SystemRoot%\System32\lsm.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\luafv]
"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MBAMProtector]
"ImagePath"="\??\c:\windows\system32\drivers\mbam.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MBAMScheduler]
"ImagePath"="\"c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MBAMService]
"ImagePath"="\"c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\McOobeSv2]
"ImagePath"="\"c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe\" /McCoreSvc"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\megasas]
"ImagePath"="System32\drivers\megasas.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MegaSR]
"ImagePath"="System32\drivers\MegaSR.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MEIx64]
"ImagePath"="\SystemRoot\System32\drivers\HECIx64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mfebopk]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Microsoft SharePoint Workspace Audit Service]
"ImagePath"="\"c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE\" /auditservice"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MMCSS]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Modem]
"ImagePath"="system32\drivers\modem.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\monitor]
"ImagePath"="\SystemRoot\System32\drivers\monitor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mouclass]
"ImagePath"="\SystemRoot\System32\drivers\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mouhid]
"ImagePath"="\SystemRoot\System32\drivers\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mountmgr]
"ImagePath"="System32\drivers\mountmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mpsdrv]
"ImagePath"="System32\drivers\mpsdrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MpsSvc]
"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MRxDAV]
"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb10]
"ImagePath"="system32\DRIVERS\mrxsmb10.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mrxsmb20]
"ImagePath"="system32\DRIVERS\mrxsmb20.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsBridge]
"ImagePath"="\SystemRoot\system32\DRIVERS\bridge.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSDTC]
"ImagePath"="%SystemRoot%\System32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSDTC Bridge 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Msfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msgpiowin32]
"ImagePath"="\SystemRoot\System32\drivers\msgpiowin32.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mshidkmdf]
"ImagePath"="\SystemRoot\System32\drivers\mshidkmdf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mshidumdf]
"ImagePath"="\SystemRoot\System32\drivers\mshidumdf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msisadrv]
"ImagePath"="System32\drivers\msisadrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSiSCSI]
"ServiceDll"="%systemroot%\system32\iscsiexe.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSKSSRV]
"ImagePath"="\SystemRoot\system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsLldp]
"ImagePath"="\SystemRoot\system32\DRIVERS\mslldp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSPCLOCK]
"ImagePath"="\SystemRoot\system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSPQM]
"ImagePath"="\SystemRoot\system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MsRPC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSSCNTRS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mssmbios]
"ImagePath"="\SystemRoot\System32\drivers\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MSTEE]
"ImagePath"="\SystemRoot\system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MTConfig]
"ImagePath"="\SystemRoot\System32\drivers\MTConfig.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Mup]
"ImagePath"="System32\Drivers\mup.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mvumis]
"ImagePath"="System32\drivers\mvumis.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\napagent]
"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NativeWifiP]
"ImagePath"="\SystemRoot\system32\DRIVERS\nwifi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NcaSvc]
"ServiceDll"="%SystemRoot%\System32\ncasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NcdAutoSetup]
"ServiceDll"="%SystemRoot%\System32\NcdAutoSetup.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDIS]
"ImagePath"="system32\drivers\ndis.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisCap]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndiscap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisImPlatform]
"ImagePath"="\SystemRoot\system32\DRIVERS\NdisImPlatform.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisTapi]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ndisuio]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NdisWan]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDISWANLEGACY]
"ImagePath"="\SystemRoot\system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NDProxy]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ndu]
"ImagePath"="system32\drivers\Ndu.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Net Driver HPZ12]
"ServiceDll"="c:\windows\System32\HPZinw12.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT]
"ImagePath"="System32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netlogon]
"ImagePath"="%systemroot%\system32\lsass.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\netprofm]
"ServiceDll"="%SystemRoot%\System32\netprofmsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetTcpPortSharing]
"ImagePath"="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetworkSupport]
"ImagePath"="\"c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nfrd960]
"ImagePath"="System32\drivers\nfrd960.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NlaSvc]
"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Npfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npsvctrig]
"ImagePath"="\SystemRoot\System32\drivers\npsvctrig.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nsi]
"ServiceDll"="%systemroot%\system32\nsisvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nsiproxy]
"ImagePath"="system32\drivers\nsiproxy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NTDS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Ntfs]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Null]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvlddmkm]
"ImagePath"="\SystemRoot\system32\DRIVERS\nvlddmkm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvraid]
"ImagePath"="System32\drivers\nvraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nvstor]
"ImagePath"="System32\drivers\nvstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\nv_agp]
"ImagePath"="System32\drivers\nv_agp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ose]
"ImagePath"="\"c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\osppsvc]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Outlook]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Parport]
"ImagePath"="\SystemRoot\System32\drivers\parport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\partmgr]
"ImagePath"="System32\drivers\partmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PassThru Service]
"ImagePath"="c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PcaSvc]
"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pci]
"ImagePath"="System32\drivers\pci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pciide]
"ImagePath"="System32\drivers\pciide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pcmcia]
"ImagePath"="System32\drivers\pcmcia.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pcw]
"ImagePath"="System32\drivers\pcw.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdc]
"ImagePath"="system32\drivers\pdc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PEAUTH]
"ImagePath"="system32\drivers\peauth.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfHost]
"ImagePath"="%SystemRoot%\SysWow64\perfhost.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfNet]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfOS]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PerfProc]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pla]
"ServiceDll"="%systemroot%\system32\pla.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PlugPlay]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PMBDeviceInfoProvider]
"ImagePath"="\"c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Pml Driver HPZ12]
"ServiceDll"="c:\windows\System32\HPZipm12.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PNRPAutoReg]
"ServiceDll"="%SystemRoot%\system32\pnrpauto.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PNRPsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PolicyAgent]
"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PortProxy]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Power]
"ServiceDll"="%SystemRoot%\system32\umpo.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PptpMiniport]
"ImagePath"="\SystemRoot\system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PrintNotify]
"ServiceDll"="c:\windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Processor]
"ImagePath"="\SystemRoot\System32\drivers\processr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ProfSvc]
"ServiceDll"="%systemroot%\system32\profsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Psched]
"ImagePath"="\SystemRoot\system32\DRIVERS\pacer.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\QWAVE]
"ServiceDll"="%windir%\system32\qwave.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\QWAVEdrv]
"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasAgileVpn]
"ImagePath"="\SystemRoot\system32\DRIVERS\AgileVpn.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Rasl2tp]
"ImagePath"="\SystemRoot\system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasPppoe]
"ImagePath"="\SystemRoot\system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RasSstp]
"ImagePath"="\SystemRoot\system32\DRIVERS\rassstp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDMANDK]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdpbus]
"ImagePath"="\SystemRoot\System32\drivers\rdpbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPDR]
"ImagePath"="System32\drivers\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPNP]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPUDD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RdpVideoMiniport]
"ImagePath"="System32\drivers\rdpvideominiport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RDPWD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rdyboost]
"ImagePath"="System32\drivers\rdyboost.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RemoteAccess]
"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RFCOMM]
"ImagePath"="\SystemRoot\System32\drivers\rfcomm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcEptMapper]
"ServiceDll"="%SystemRoot%\System32\RpcEpMap.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RSPCIESTOR]
"ImagePath"="\SystemRoot\system32\DRIVERS\RtsPStor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rspndr]
"ImagePath"="\SystemRoot\system32\DRIVERS\rspndr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\RTL8168]
"ImagePath"="\SystemRoot\system32\DRIVERS\Rt630x64.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\s3cap]
"ImagePath"="\SystemRoot\System32\drivers\vms3cap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sbp2port]
"ImagePath"="System32\drivers\sbp2port.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCardSvr]
"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\scfilter]
"ImagePath"="System32\DRIVERS\scfilter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Schedule]
"ServiceDll"="%systemroot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCPolicySvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sdbus]
"ImagePath"="\SystemRoot\System32\drivers\sdbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SDRSVC]
"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sdstor]
"ImagePath"="\SystemRoot\System32\drivers\sdstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\secdrv]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\seclogon]
"ServiceDll"="%windir%\system32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\System32\sens.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SensrSvc]
"ServiceDll"="%SystemRoot%\system32\sensrsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SerCx]
"ImagePath"="system32\drivers\SerCx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Serenum]
"ImagePath"="\SystemRoot\System32\drivers\serenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Serial]
"ImagePath"="\SystemRoot\System32\drivers\serial.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sermouse]
"ImagePath"="\SystemRoot\System32\drivers\sermouse.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SessionEnv]
"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SFEP]
"ImagePath"="\SystemRoot\System32\drivers\SFEP.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sfloppy]
"ImagePath"="\SystemRoot\System32\drivers\sfloppy.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SiSRaid2]
"ImagePath"="System32\drivers\SiSRaid2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SiSRaid4]
"ImagePath"="System32\drivers\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SmbDrvI]
"ImagePath"="\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SMSvcHost 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMPTRAP]
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SOHCImp]
"ImagePath"="\"c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SOHDms]
"ImagePath"="\"c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SOHDs]
"ImagePath"="\"c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SOWS]
"ImagePath"="\SystemRoot\System32\drivers\sows.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\spaceport]
"ImagePath"="System32\drivers\spaceport.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SpbCx]
"ImagePath"="system32\drivers\SpbCx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SpfService]
"ImagePath"="\"c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sppsvc]
"ImagePath"="%SystemRoot%\system32\sppsvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srv]
"ImagePath"="System32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srv2]
"ImagePath"="System32\DRIVERS\srv2.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srvnet]
"ImagePath"="System32\DRIVERS\srvnet.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SstpSvc]
"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\stexstor]
"ImagePath"="System32\drivers\stexstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\storahci]
"ImagePath"="System32\drivers\storahci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\storflt]
"ImagePath"="system32\DRIVERS\vmstorfl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\StorSvc]
"ServiceDll"="%SystemRoot%\system32\storsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\storvsc]
"ImagePath"="System32\drivers\storvsc.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\svsvc]
"ServiceDll"="%SystemRoot%\system32\svsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\swenum]
"ImagePath"="\SystemRoot\System32\drivers\swenum.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\swprv]
"ServiceDll"="%Systemroot%\System32\swprv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SynTP]
"ImagePath"="\SystemRoot\system32\DRIVERS\SynTP.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SysMain]
"ServiceDll"="%systemroot%\system32\sysmain.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SystemEventsBroker]
"ServiceDll"="%SystemRoot%\System32\SystemEventsBrokerServer.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TabletInputService]
"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip]
"ImagePath"="System32\drivers\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPIP6]
"ImagePath"="\SystemRoot\system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPIP6TUNNEL]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tcpipreg]
"ImagePath"="System32\drivers\tcpipreg.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TCPIPTUNNEL]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdx]
"ImagePath"="system32\DRIVERS\tdx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\terminpt]
"ImagePath"="\SystemRoot\System32\drivers\terminpt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\system32\themeservice.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\THREADORDER]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TimeBroker]
"ServiceDll"="%SystemRoot%\System32\TimeBrokerServer.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TPM]
"ImagePath"="\SystemRoot\system32\drivers\tpm.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\System32\trkwks.dll"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustedInstaller]
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TSDDD]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TsUsbFlt]
"ImagePath"="system32\drivers\tsusbflt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TsUsbGD]
"ImagePath"="\SystemRoot\System32\drivers\TsUsbGD.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tunnel]
"ImagePath"="\SystemRoot\system32\DRIVERS\tunnel.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uagp35]
"ImagePath"="System32\drivers\uagp35.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UASPStor]
"ImagePath"="\SystemRoot\System32\drivers\uaspstor.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UCX01000]
"ImagePath"="\SystemRoot\System32\drivers\ucx01000.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\udfs]
"ImagePath"="system32\DRIVERS\udfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UGatherer]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UGTHRSVC]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UI0Detect]
"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\uliagpkx]
"ImagePath"="System32\drivers\uliagpkx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\umbus]
"ImagePath"="\SystemRoot\System32\drivers\umbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UmPass]
"ImagePath"="\SystemRoot\System32\drivers\umpass.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UmRdpService]
"ServiceDll"="%SystemRoot%\System32\umrdp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UNS]
"ImagePath"="\"c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbccgp]
"ImagePath"="\SystemRoot\System32\drivers\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbcir]
"ImagePath"="\SystemRoot\System32\drivers\usbcir.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbehci]
"ImagePath"="\SystemRoot\System32\drivers\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbhub]
"ImagePath"="\SystemRoot\System32\drivers\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\USBHUB3]
"ImagePath"="\SystemRoot\System32\drivers\UsbHub3.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbohci]
"ImagePath"="\SystemRoot\System32\drivers\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbprint]
"ImagePath"="\SystemRoot\System32\drivers\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbscan]
"ImagePath"="\SystemRoot\system32\DRIVERS\usbscan.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\USBSTOR]
"ImagePath"="\SystemRoot\System32\drivers\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbuhci]
"ImagePath"="\SystemRoot\System32\drivers\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\usbvideo]
"ImagePath"="\SystemRoot\System32\Drivers\usbvideo.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\USBXHCI]
"ImagePath"="\SystemRoot\System32\drivers\USBXHCI.SYS"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VAIO Event Service]
"ImagePath"="\"c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VAIO Power Management]
"ImagePath"="\"c:\program files\Sony\VAIO Power Management\SPMService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VaultSvc]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VCFw]
"ImagePath"="\"c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VCService]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCService.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdrvroot]
"ImagePath"="System32\drivers\vdrvroot.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vds]
"ImagePath"="%SystemRoot%\System32\vds.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VerifierExt]
"ImagePath"="system32\drivers\VerifierExt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vhdmp]
"ImagePath"="\SystemRoot\System32\drivers\vhdmp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\viaide]
"ImagePath"="System32\drivers\viaide.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmbus]
"ImagePath"="System32\drivers\vmbus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VMBusHID]
"ImagePath"="\SystemRoot\System32\drivers\VMBusHID.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmicheartbeat]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmickvpexchange]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmicrdv]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmicshutdown]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmictimesync]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vmicvss]
"ServiceDll"="%SystemRoot%\System32\ICSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volmgr]
"ImagePath"="System32\drivers\volmgr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volmgrx]
"ImagePath"="System32\drivers\volmgrx.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\volsnap]
"ImagePath"="System32\drivers\volsnap.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vpci]
"ImagePath"="\SystemRoot\System32\drivers\vpci.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vsmraid]
"ImagePath"="System32\drivers\vsmraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSS]
"ImagePath"="%systemroot%\system32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VSTXRAID]
"ImagePath"="System32\drivers\vstxraid.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VUAgent]
"ImagePath"="\"c:\program files\Sony\VAIO Update\VUAgent.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vwifibus]
"ImagePath"="\SystemRoot\System32\drivers\vwifibus.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vwififlt]
"ImagePath"="\SystemRoot\system32\DRIVERS\vwififlt.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vwifimp]
"ImagePath"="\SystemRoot\system32\DRIVERS\vwifimp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WacomPen]
"ImagePath"="\SystemRoot\System32\drivers\wacompen.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wanarp]
"ImagePath"="\SystemRoot\system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wanarpv6]
"ImagePath"="\SystemRoot\system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wbengine]
"ImagePath"="\"%systemroot%\system32\wbengine.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WbioSrvc]
"ServiceDll"="%SystemRoot%\System32\wbiosrvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wcmsvc]
"ServiceDll"="%SystemRoot%\System32\wcmsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wcncsvc]
"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WcsPlugInService]
"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wd]
"ImagePath"="System32\drivers\wd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdBoot]
"ImagePath"="\SystemRoot\system32\drivers\WdBoot.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wdf01000]
"ImagePath"="system32\drivers\Wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdFilter]
"ImagePath"="\SystemRoot\system32\drivers\WdFilter.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdiServiceHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdiSystemHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Wecsvc]
"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wercplsupport]
"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WerSvc]
"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WFPLWFS]
"ImagePath"="system32\DRIVERS\wfplwfs.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WiaRpc]
"ServiceDll"="%SystemRoot%\System32\wiarpc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WIMMount]
"ImagePath"="system32\drivers\wimmount.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDefend]
"ImagePath"="%ProgramFiles%\Windows Defender\MsMpEng.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Workflow Foundation 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinHttpAutoProxySvc]
"ServiceDll"="%SystemRoot%\system32\winhttp.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Winsock]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinUsb]
"ImagePath"="\SystemRoot\system32\DRIVERS\WinUsb.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WlanSvc]
"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wlidsvc]
"ServiceDll"="%SystemRoot%\system32\wlidsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiAcpi]
"ImagePath"="\SystemRoot\System32\drivers\wmiacpi.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wmiApSrv]
"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WMPNetworkSvc]
"ImagePath"="\"%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\workerdd]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wpcfltr]
"ImagePath"="system32\DRIVERS\wpcfltr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WPCSvc]
"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WPDBusEnum]
"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WpdUpFltr]
"ImagePath"="System32\drivers\WpdUpFltr.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ws2ifsl]
"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSearch]
"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSearchIdxPi]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WSService]
"ServiceDll"="%SystemRoot%\System32\WSService.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuaueng.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WudfPf]
"ImagePath"="system32\drivers\WudfPf.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFRd]
"ImagePath"="\SystemRoot\System32\drivers\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFSensorLP]
"ImagePath"="\SystemRoot\system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wudfsvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFWpdFs]
"ImagePath"="\SystemRoot\system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WUDFWpdMtp]
"ImagePath"="\SystemRoot\system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WwanSvc]
"ServiceDll"="%SystemRoot%\System32\wwansvc.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\xmlprov]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZAtheros Bt and Wlan Coex Agent]
"ImagePath"="c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{24A81BF4-0E10-4C27-8267-57457FE0AAAF}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{6F9BC21C-C0D5-4C8B-9D6B-1BC1E44614A0}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{C02CAB3E-C922-4371-A1DD-E72CF76EF979}]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{FE5B7D82-DFC8-4B41-B6E1-F5095F58894B}]
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-08-23  17:40:31
ComboFix-quarantined-files.txt  2013-08-23 15:40
.
Vor Suchlauf: 12 Verzeichnis(se), 900.028.833.792 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 901.355.536.384 Bytes frei
.
- - End Of File - - 2D71222EF2F7F32F51A6BBC4F807EF73

schrauber 24.08.2013 09:07
passt so :)

Malwarebytes updaten, Quick Scan, Funde löschen lassen.

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Annyso 24.08.2013 13:52
Hallo Schrauber,
heir die gewünschten logs:

Adwcleaner:
Code:
# AdwCleaner v3.000 - Report created 24/08/2013 at 14:20:22
# Updated 20/08/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Annika - ANNIKA
# Running from : C:\Users\Annika\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Users\Annika\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\Annika\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Annika\AppData\Roaming\DSite
Folder Deleted : C:\Users\Annika\AppData\Roaming\dvdvideosoftiehelpers
File Deleted : C:\Windows\System32\Tasks\EPUpdater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\5d53dfd0b23ce443
Key Deleted : HKLM\SOFTWARE\5d53dfd0b23ce443
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v28.0.1500.95

[ File : C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [3371 octets] - [24/08/2013 14:18:32]
AdwCleaner[S0].txt - [3027 octets] - [24/08/2013 14:20:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3087 octets] ##########
Junkware:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 8 x64
Ran by Annika on 24.08.2013 at 14:27:55,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\openit"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Annika\appdata\local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.08.2013 at 14:46:47,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2013
Ran by Annika (administrator) on 23-08-2013 12:49:06
Running from C:\Users\Annika\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files\Sony\VAIO Care\listener.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\helppane.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-10-09] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [NTRedirect] - C:\Users\Annika\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [187888 2013-08-22] ()
MountPoints2: {0fad8263-76e0-11e2-be81-083e8ede7d6a} - "E:\WD SmartWare.exe" autoplay=true
MountPoints2: {6b421f67-c62a-11e2-be93-083e8ede7d6a} - "E:\HTC_Sync_Manager_PC.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-08-07] (cyberlink)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [gbrspcontrol] - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=6E19083E8EDE7D6A&affID=119357&tsp=4983
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=6E19083E8EDE7D6A&affID=119357&tsp=4983
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0E6C2594-7233-4D08-82DF-C85F690256C9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6E19083E8EDE7D6A&affID=119357&tsp=4983
SearchScopes: HKCU - {17C2CAE1-FF5B-44F6-B753-C3EDCCBE4FDC} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 195.50.140.246 192.168.0.1
Tcpip\..\Interfaces\{24A81BF4-0E10-4C27-8267-57457FE0AAAF}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}: [NameServer]156.154.70.22,156.154.71.22

Chrome:
=======
CHR Extension: (Google Drive) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DealPly  Shopping) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi\3.5.0.0_0
CHR Extension: (DVDVideoSoft) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Gmail) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Annika\AppData\Roaming\BabSolution\CR\Delta.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [243728 2012-06-29] (CyberLink)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-07-24] (Comodo Security Solutions Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6199520 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158936 2013-06-18] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2095808 2013-08-01] ()
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros)
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-08-20] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S1 CFRMD; C:\Windows\SysWow64\DRIVERS\CFRMD.sys [40224 2012-09-21] (Windows (R) Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [713776 2013-07-08] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [37560 2013-06-18] (COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [118400 2013-06-18] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S1 CFRMD; system32\DRIVERS\CFRMD.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-23 12:21 - 2013-08-23 12:21 - 00000000 ____D C:\FRST
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Dealply
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Local\DealPlyLive
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Program Files (x86)\DealPlyLive
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Users\Annika\AppData\Roaming\DSite
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-23 12:16 - 2013-08-23 12:17 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-08-23 12:16 - 2013-08-23 12:16 - 00003388 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Babylon
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\Users\Annika\AppData\Roaming\BabSolution
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\ProgramData\Babylon
2013-08-22 18:37 - 2013-08-22 18:37 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-22 18:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-15 13:12 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-15 13:12 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-15 11:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 11:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 11:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 11:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 11:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 11:42 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 11:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 11:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 11:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 11:42 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-15 11:42 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 11:42 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 11:42 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 11:40 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 11:40 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 11:40 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 11:40 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-15 11:40 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-15 11:40 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-13 13:50 - 2013-08-13 13:50 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iTunes
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iPod
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-31 13:27 - 2013-08-15 13:51 - 00000000 ____D C:\Windows\system32\MRT
2013-07-26 11:40 - 2013-07-26 11:41 - 00448288 _____ C:\Windows\system32\FNTCACHE.DAT

==================== One Month Modified Files and Folders =======

2013-08-23 12:48 - 2013-08-23 12:48 - 01576474 _____ (Farbar) C:\Users\Annika\Desktop\FRST64.exe
2013-08-23 12:42 - 2012-12-30 19:01 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-08-23 12:29 - 2012-12-29 18:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-23 12:21 - 2013-08-23 12:21 - 00000000 ____D C:\FRST
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Dealply
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Local\DealPlyLive
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\ProgramData\DealPlyLive
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Program Files (x86)\DealPlyLive
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Users\Annika\AppData\Roaming\DSite
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-08-23 12:18 - 2013-08-23 12:18 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-23 12:17 - 2013-08-23 12:16 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-08-23 12:16 - 2013-08-23 12:16 - 00003388 _____ C:\Windows\System32\Tasks\EPUpdater
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Babylon
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\Users\Annika\AppData\Roaming\BabSolution
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-23 12:16 - 2013-08-23 12:16 - 00000000 ____D C:\ProgramData\Babylon
2013-08-23 12:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-23 11:58 - 2012-12-29 18:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-23 11:51 - 2012-12-27 18:43 - 00000000 ____D C:\Users\Annika\AppData\Local\Packages
2013-08-23 11:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-23 11:31 - 2012-10-29 11:08 - 01251434 _____ C:\Windows\WindowsUpdate.log
2013-08-23 11:21 - 2012-12-29 18:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-23 00:03 - 2013-06-26 12:15 - 00000000 ____D C:\Users\Annika\AppData\Local\HTC MediaHub
2013-08-23 00:01 - 2012-08-03 04:22 - 00061664 _____ C:\Windows\PFRO.log
2013-08-23 00:01 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-23 00:01 - 2012-07-26 07:26 - 01310720 ___SH C:\Windows\system32\config\BBI
2013-08-22 22:03 - 2012-10-29 10:50 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-08-22 22:03 - 2012-10-29 10:50 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-08-22 22:03 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-22 20:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-22 20:15 - 2013-01-21 21:52 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Swiss Academic Software
2013-08-22 18:37 - 2013-08-22 18:37 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-22 17:31 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-22 17:31 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-20 19:29 - 2012-12-29 18:33 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-18 01:29 - 2012-12-27 18:52 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2354407877-180793676-4171637688-1001
2013-08-16 12:31 - 2012-12-28 11:11 - 00000000 ____D C:\Users\Annika\AppData\Local\CrashDumps
2013-08-15 13:51 - 2013-07-31 13:27 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 13:50 - 2012-12-28 12:12 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 13:50 - 2013-08-13 13:50 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iTunes
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iPod
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-13 13:50 - 2013-05-22 11:07 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-05 23:57 - 2013-06-05 14:07 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-08-05 23:57 - 2012-12-30 18:59 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-08-05 23:57 - 2012-12-30 18:59 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-08-01 12:30 - 2013-06-12 17:37 - 00000000 ____D C:\Users\Annika\Documents\Vodafone
2013-07-31 17:59 - 2012-12-29 18:34 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-27 12:20 - 2012-12-27 18:43 - 00000000 ____D C:\Users\Annika
2013-07-26 21:36 - 2013-01-22 10:01 - 00002043 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2013-07-26 12:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-26 11:41 - 2013-07-26 11:40 - 00448288 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-26 11:38 - 2013-01-21 21:26 - 00000000 ____D C:\Users\Annika\Documents\Studium
2013-07-26 11:18 - 2012-07-26 09:21 - 00036617 _____ C:\Windows\setupact.log
2013-07-26 07:13 - 2013-08-15 11:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-15 11:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-15 11:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-15 11:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-15 11:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:13 - 2013-08-15 11:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-15 11:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-15 11:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-15 11:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 02:54 - 2013-08-15 11:42 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-20 10:55

==================== End Of Log ============================
--- --- ---

schrauber 24.08.2013 18:03

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Annyso 24.08.2013 21:09
Eset log:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8876d0eb0314974eb311a4f23caa3aa7
# engine=14887
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-24 06:28:26
# local_time=2013-08-24 08:28:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=3074 16777213 100 84 8758 23822328 0 0
# compatibility_mode=5893 16776574 100 94 183443 36875017 0 0
# scanned=145612
# found=2
# cleaned=0
# scan_time=3546
sh=C871F2F22BE62631F3C01F91378419D32AFFA8E8 ft=1 fh=1495b2591e0e47a0 vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptimizerPro.exe.vir"
sh=4FAB3A74998DB9D6724EA1E66505244ABE0F18CF ft=1 fh=310ddac3797b6da7 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSmartScan.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8876d0eb0314974eb311a4f23caa3aa7
# engine=14887
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-24 07:58:20
# local_time=2013-08-24 09:58:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=3074 16777213 100 84 14152 23827722 0 0
# compatibility_mode=5893 16776574 100 94 188837 36880411 0 0
# scanned=270759
# found=4
# cleaned=0
# scan_time=5276
sh=C871F2F22BE62631F3C01F91378419D32AFFA8E8 ft=1 fh=1495b2591e0e47a0 vn="a variant of Win32/SpeedingUpMyPC application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptimizerPro.exe.vir"
sh=4FAB3A74998DB9D6724EA1E66505244ABE0F18CF ft=1 fh=310ddac3797b6da7 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSmartScan.exe.vir"
sh=078877561669B07345D1BD114466C445135B179F ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.PIS trojan" ac=I fn="C:\Users\Annika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\75e2cae9-2ecf755f"
sh=078877561669B07345D1BD114466C445135B179F ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.PIS trojan" ac=I fn="C:\Users\Annika\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\75e2cae9-7f066b62"
SecurityScan:
Code:
Results of screen317's Security Check version 0.99.72 
  x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
COMODO Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java(TM) 7 Update 5 
 Java version out of Date!
 Adobe Flash Player        11.8.800.94 
 Adobe Reader XI 
 Google Chrome 28.0.1500.72 
 Google Chrome 28.0.1500.95 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Comodo Firewall cmdagent.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
FRST:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2013 01
Ran by Annika (administrator) on 24-08-2013 22:08:59
Running from C:\Users\Annika\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
() C:\Users\Annika\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-10-09] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-08-07] (cyberlink)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [gbrspcontrol] - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0E6C2594-7233-4D08-82DF-C85F690256C9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {17C2CAE1-FF5B-44F6-B753-C3EDCCBE4FDC} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 195.50.140.246 192.168.0.1
Tcpip\..\Interfaces\{24A81BF4-0E10-4C27-8267-57457FE0AAAF}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{BDE6DF5D-410E-41E2-8B01-D6265C6A1CBD}: [NameServer]156.154.70.22,156.154.71.22

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Google Drive) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DVDVideoSoft) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Gmail) - C:\Users\Annika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [243728 2012-06-29] (CyberLink)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-07-24] (Comodo Security Solutions Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6199520 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158936 2013-06-18] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2095808 2013-08-01] ()
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros)
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-08-20] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S1 CFRMD; C:\Windows\SysWow64\DRIVERS\CFRMD.sys [40224 2012-09-21] (Windows (R) Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [713776 2013-07-08] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [37560 2013-06-18] (COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [118400 2013-06-18] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 CFRMD; system32\DRIVERS\CFRMD.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-24 22:05 - 2013-08-24 22:05 - 00891115 _____ C:\Users\Annika\Desktop\SecurityCheck.exe
2013-08-24 19:26 - 2013-08-24 19:26 - 02347384 _____ (ESET) C:\Users\Annika\Desktop\esetsmartinstaller_enu.exe
2013-08-24 14:46 - 2013-08-24 14:46 - 00001294 _____ C:\Users\Annika\Desktop\JRT.txt
2013-08-24 14:27 - 2013-08-24 14:27 - 00000000 ____D C:\Windows\ERUNT
2013-08-24 14:26 - 2013-08-24 14:26 - 01021434 _____ (Thisisu) C:\Users\Annika\Desktop\JRT.exe
2013-08-24 14:18 - 2013-08-24 14:20 - 00000000 ____D C:\AdwCleaner
2013-08-24 14:16 - 2013-08-24 14:16 - 00975858 _____ C:\Users\Annika\Desktop\adwcleaner.exe
2013-08-23 17:40 - 2013-08-23 17:40 - 00090478 _____ C:\ComboFix.txt
2013-08-23 17:09 - 2013-08-23 17:41 - 00000000 ____D C:\Qoobox
2013-08-23 17:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-23 17:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-23 17:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-23 17:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-23 17:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-23 17:09 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-08-23 17:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-23 17:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-23 17:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-23 17:08 - 2013-08-23 17:36 - 00000000 ____D C:\Windows\erdnt
2013-08-23 15:13 - 2013-08-23 15:14 - 05111180 ____R (Swearware) C:\Users\Annika\Desktop\ComboFix.exe
2013-08-23 12:49 - 2013-08-23 12:49 - 00033561 _____ C:\Users\Annika\Desktop\Addition.txt
2013-08-23 12:21 - 2013-08-23 12:21 - 00000000 ____D C:\FRST
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-22 18:37 - 2013-08-22 18:37 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-22 18:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-15 13:12 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-15 13:12 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-15 11:42 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-15 11:42 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 11:42 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 11:42 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 11:42 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 11:42 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 11:42 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 11:42 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 11:42 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 11:42 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 11:42 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 11:42 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 11:42 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-15 11:42 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 11:42 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 11:42 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 11:40 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 11:40 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 11:40 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 11:40 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-15 11:40 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-15 11:40 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-15 11:40 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-13 13:50 - 2013-08-13 13:50 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iTunes
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iPod
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-31 13:27 - 2013-08-15 13:51 - 00000000 ____D C:\Windows\system32\MRT
2013-07-26 11:40 - 2013-07-26 11:41 - 00448288 _____ C:\Windows\system32\FNTCACHE.DAT

==================== One Month Modified Files and Folders =======

2013-08-24 22:08 - 2013-08-24 22:08 - 01576734 _____ (Farbar) C:\Users\Annika\Desktop\FRST64.exe
2013-08-24 22:05 - 2013-08-24 22:05 - 00891115 _____ C:\Users\Annika\Desktop\SecurityCheck.exe
2013-08-24 22:05 - 2012-12-30 19:01 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2013-08-24 22:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-24 21:58 - 2012-12-29 18:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-24 21:29 - 2012-12-29 18:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-24 20:33 - 2012-10-29 11:08 - 01531135 _____ C:\Windows\WindowsUpdate.log
2013-08-24 19:26 - 2013-08-24 19:26 - 02347384 _____ (ESET) C:\Users\Annika\Desktop\esetsmartinstaller_enu.exe
2013-08-24 19:26 - 2012-10-29 10:50 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-08-24 19:26 - 2012-10-29 10:50 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-08-24 19:26 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-24 19:22 - 2013-06-26 12:15 - 00000000 ____D C:\Users\Annika\AppData\Local\HTC MediaHub
2013-08-24 19:22 - 2012-12-29 18:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-24 19:21 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-24 19:20 - 2012-07-26 07:26 - 01310720 ___SH C:\Windows\system32\config\BBI
2013-08-24 14:46 - 2013-08-24 14:46 - 00001294 _____ C:\Users\Annika\Desktop\JRT.txt
2013-08-24 14:27 - 2013-08-24 14:27 - 00000000 ____D C:\Windows\ERUNT
2013-08-24 14:26 - 2013-08-24 14:26 - 01021434 _____ (Thisisu) C:\Users\Annika\Desktop\JRT.exe
2013-08-24 14:20 - 2013-08-24 14:18 - 00000000 ____D C:\AdwCleaner
2013-08-24 14:16 - 2013-08-24 14:16 - 00975858 _____ C:\Users\Annika\Desktop\adwcleaner.exe
2013-08-24 14:13 - 2012-08-03 04:22 - 00071986 _____ C:\Windows\PFRO.log
2013-08-23 17:41 - 2013-08-23 17:09 - 00000000 ____D C:\Qoobox
2013-08-23 17:41 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-08-23 17:40 - 2013-08-23 17:40 - 00090478 _____ C:\ComboFix.txt
2013-08-23 17:36 - 2013-08-23 17:08 - 00000000 ____D C:\Windows\erdnt
2013-08-23 17:24 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini
2013-08-23 15:14 - 2013-08-23 15:13 - 05111180 ____R (Swearware) C:\Users\Annika\Desktop\ComboFix.exe
2013-08-23 12:49 - 2013-08-23 12:49 - 00033561 _____ C:\Users\Annika\Desktop\Addition.txt
2013-08-23 12:21 - 2013-08-23 12:21 - 00000000 ____D C:\FRST
2013-08-23 12:19 - 2013-08-23 12:19 - 00000000 ____D C:\Users\Annika\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-08-23 11:51 - 2012-12-27 18:43 - 00000000 ____D C:\Users\Annika\AppData\Local\Packages
2013-08-23 11:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-22 20:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-22 20:15 - 2013-01-21 21:52 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Swiss Academic Software
2013-08-22 18:37 - 2013-08-22 18:37 - 00000000 ____D C:\Users\Annika\AppData\Roaming\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-22 18:36 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-22 17:31 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-22 17:31 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-20 19:29 - 2012-12-29 18:33 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-18 01:29 - 2012-12-27 18:52 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2354407877-180793676-4171637688-1001
2013-08-16 12:31 - 2012-12-28 11:11 - 00000000 ____D C:\Users\Annika\AppData\Local\CrashDumps
2013-08-15 13:51 - 2013-07-31 13:27 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 13:50 - 2012-12-28 12:12 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 13:50 - 2013-08-13 13:50 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iTunes
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files\iPod
2013-08-13 13:50 - 2013-08-13 13:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-13 13:50 - 2013-05-22 11:07 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-05 23:57 - 2013-06-05 14:07 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-08-05 23:57 - 2012-12-30 18:59 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-08-05 23:57 - 2012-12-30 18:59 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-08-01 12:30 - 2013-06-12 17:37 - 00000000 ____D C:\Users\Annika\Documents\Vodafone
2013-07-31 17:59 - 2012-12-29 18:34 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-27 12:20 - 2012-12-27 18:43 - 00000000 ____D C:\Users\Annika
2013-07-26 21:36 - 2013-01-22 10:01 - 00002043 _____ C:\Users\Public\Desktop\GeekBuddy.lnk
2013-07-26 12:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-26 11:41 - 2013-07-26 11:40 - 00448288 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-26 11:38 - 2013-01-21 21:26 - 00000000 ____D C:\Users\Annika\Documents\Studium
2013-07-26 11:18 - 2012-07-26 09:21 - 00036617 _____ C:\Windows\setupact.log
2013-07-26 07:13 - 2013-08-15 11:42 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-26 07:13 - 2013-08-15 11:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-15 11:42 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-15 11:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-15 11:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-15 11:42 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-15 11:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:13 - 2013-08-15 11:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-15 11:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-15 11:42 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-15 11:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-15 11:42 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 02:54 - 2013-08-15 11:42 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

Files to move or delete:
====================
C:\Users\Annika\AppData\Local\Temp\Quarantine.exe
C:\Users\Annika\AppData\Local\Temp\RarSFX0\SecurityCheck\Objlist.exe
C:\Users\Annika\AppData\Local\Temp\RarSFX0\SecurityCheck\runprocesses.exe
C:\Users\Annika\AppData\Local\Temp\RarSFX0\SecurityCheck\uninstalllist.exe
C:\Users\Annika\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\cmdinfo.exe
C:\Users\Annika\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exe
C:\Users\Annika\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exe
C:\Users\Annika\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\swreg.exe
C:\Users\Annika\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Annika\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-20 10:55

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 25.08.2013 06:12
Java updaten.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Annyso 25.08.2013 09:07
Vielen Vielen Dank Schauber!! Alles erledigt! Du hast mir so geholfen! echt eine tolle arbeit die hier leistet!
DANKE DANKE DANKE!:D

schrauber 25.08.2013 12:35
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:26 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131