Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 8: "Gesellschaft zur Verfügung von Urheberrechtsverletzungen" (https://www.trojaner-board.de/141667-windows-8-gesellschaft-verfuegung-urheberrechtsverletzungen.html)

Wayne123 16.09.2013 18:21
Windows 8: "Gesellschaft zur Verfügung von Urheberrechtsverletzungen"
 
Hallo,

mein Windows 8 Rechner wurde von "Gesellschaft zur Verfügung von Urheberrechtsverletzungen" befallen.

Ich bin entsprechend den Anweisungen hier im Forum vorgegangen und habe nach ausführen der FRST64.exe das Ergebnis in die FRST.txt gespeichert.

Hier der Inhalt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 01
Ran by SYSTEM on MININT-G8L28Q2 on 16-09-2013 18:57:16
Running from D:\
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1218704 2012-11-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1218704 2012-11-08] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-21] (Synaptics Incorporated)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1569536 2013-05-01] (Bitdefender)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AT Service signup] - c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe [382976 2012-02-15] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SMB60StarMoneyRunEntry] - C:\Program Files (x86)\StarMoney Business 6.0\app\oflagent.exe [48272 2013-08-26] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [TrayServer] - C:\program files (x86)\magix\video_deluxe_16_premium\trayserver.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-06-10] (Geek Software GmbH)
HKU\Oliver Krecek\...\Run: [HP ENVY 110 series (NET)] - C:\Program Files\HP\HP ENVY 110 series\Bin\scantopcactivationapp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\Oliver Krecek\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-03-22] (TomTom)
HKU\Oliver Krecek\...\Run: [ANT Agent] - C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe [14731776 2013-02-15] (GARMIN Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [250504 2013-03-15] (NVIDIA Corporation)
Startup: C:\Users\Oliver Krecek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8zwl8z1tj6.lnk
ShortcutTarget: 8zwl8z1tj6.lnk -> C:\PROGRA~3\6jt1z8lwz8.plz (Daniel Pistelli)
Startup: C:\Users\Oliver Krecek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 110 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP ENVY 110 series (Netzwerk).lnk -> C:\Program Files\HP\HP ENVY 110 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Services (Whitelisted) =================

S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-02-26] (Bitdefender)
S2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
S2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
S2 FPLService; C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2125160 2012-07-17] (AuthenTec, Inc)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
S2 StarMoney Business 6.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-06-13] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [68856 2013-02-26] (Bitdefender)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1646792 2013-05-01] (Bitdefender)
S3 VUAgent; c:\program files\sony\vaio update\vuagent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-05-01] (BitDefender)
S3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-05-01] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23456 2012-07-11] (Bitdefender)
S1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-05-01] (BitDefender LLC)
S1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [106568 2012-10-17] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82384 2012-11-12] (BitDefender SRL)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DSI_SiUSBXp_3_1; C:\Windows\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Silicon Laboratories)
S0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2012-10-04] (BitDefender LLC)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 Sftfs; C:\Windows\system32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
S3 Sftplay; C:\Windows\system32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
S3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
S3 Sftvol; C:\Windows\system32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-21] (Synaptics Incorporated)
S3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [350160 2012-10-31] (BitDefender S.R.L.)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-16 18:57 - 2013-09-16 18:57 - 00000000 ____D C:\FRST
2013-09-16 17:53 - 2013-09-16 17:53 - 00000297 _____ C:\ProgramData\8zwl8z1tj6.reg
2013-09-16 17:17 - 2013-09-16 17:53 - 95025368 ____T C:\ProgramData\8zwl8z1tj6.pff
2013-09-16 17:17 - 2013-09-16 17:53 - 00000000 _____ C:\ProgramData\8zwl8z1tj6.ctrl
2013-09-16 17:17 - 2013-09-16 17:17 - 00192892 _____ (Daniel Pistelli) C:\ProgramData\6jt1z8lwz8.plz
2013-09-16 17:17 - 2013-09-16 17:17 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\8zwl8z1tj6.pzz
2013-09-15 10:09 - 2013-09-15 10:09 - 00607744 ____N C:\Users\Oliver Krecek\Desktop\Lauftagebuch.xls
2013-09-14 10:03 - 2013-09-14 10:03 - 00001116 _____ C:\Users\Public\Desktop\Reiserführer AMI.lnk
2013-09-14 10:03 - 2013-09-14 10:03 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Roaming\7d4c316f1b70d0ac68316da554a221bb
2013-09-14 10:02 - 2013-09-14 10:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-09-14 10:02 - 2013-09-14 10:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-09-14 10:02 - 2013-09-14 10:02 - 00000000 ____D C:\Program Files (x86)\aqua
2013-09-14 06:59 - 2013-09-14 06:59 - 00410288 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-14 06:59 - 2013-09-14 06:59 - 00305216 _____ C:\Windows\Minidump\091413-44562-01.dmp
2013-09-12 17:53 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\System32\WSService.dll
2013-09-12 17:53 - 2013-08-16 06:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\System32\NotificationUI.exe
2013-09-12 17:53 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2013-09-12 17:53 - 2013-08-16 06:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-09-12 17:53 - 2013-08-16 06:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-09-12 17:53 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2013-09-12 17:53 - 2013-08-16 06:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-09-12 17:53 - 2013-08-16 06:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-09-12 17:53 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-09-12 17:53 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\System32\WSSync.dll
2013-09-12 17:53 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\System32\sppc.dll
2013-09-12 17:53 - 2013-08-16 06:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2013-09-12 17:53 - 2013-08-15 23:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-12 17:53 - 2013-08-15 23:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-12 17:53 - 2013-08-15 23:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-12 17:53 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-12 17:52 - 2013-08-21 05:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-09-12 17:52 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-09-12 17:52 - 2013-08-16 06:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-09-12 17:52 - 2013-08-16 06:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-09-12 17:52 - 2013-08-16 06:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\setupcln.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-09-12 17:52 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-09-12 17:52 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-12 17:52 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-12 17:52 - 2013-08-15 23:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-12 17:52 - 2013-08-15 23:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-12 17:52 - 2013-08-15 23:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-12 17:52 - 2013-08-15 23:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-12 17:52 - 2013-08-15 23:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-12 17:52 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-12 17:52 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-12 17:51 - 2013-08-21 05:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-09-12 17:51 - 2013-08-21 05:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-09-12 17:51 - 2013-08-21 05:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-09-12 17:51 - 2013-08-21 05:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-09-12 17:51 - 2013-08-21 03:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-09-12 17:51 - 2013-08-21 03:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 17:51 - 2013-08-21 03:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 17:51 - 2013-08-21 03:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 17:51 - 2013-08-21 03:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 17:51 - 2013-08-21 02:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 17:51 - 2013-08-21 00:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-12 02:04 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2013-09-12 02:04 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2013-09-12 02:04 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-12 02:04 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-12 02:04 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\System32\wwanmm.dll
2013-09-12 02:04 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\System32\wwanconn.dll
2013-09-12 02:04 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\System32\Wwanadvui.dll
2013-09-12 02:04 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\System32\LocationApi.dll
2013-09-12 02:04 - 2013-07-06 01:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-09-12 02:04 - 2013-07-03 01:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-09-12 02:04 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-09-12 02:04 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2013-09-12 02:04 - 2013-07-03 01:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-09-12 02:04 - 2013-07-03 01:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-12 02:04 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-12 02:04 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-12 02:04 - 2013-07-01 23:08 - 00387583 _____ C:\Windows\System32\ApnDatabase.xml
2013-09-12 02:04 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-12 02:04 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\openfiles.exe
2013-09-12 02:04 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-09-12 02:04 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-09-12 02:04 - 2013-06-29 06:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-09-12 02:04 - 2013-06-29 02:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-12 02:04 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2013-09-12 02:04 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2013-09-12 02:04 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-09-12 02:04 - 2013-06-24 23:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll
2013-09-12 02:04 - 2013-06-24 23:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\System32\wcmcsp.dll
2013-09-12 02:04 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\System32\winmmbase.dll
2013-09-12 02:04 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\winmm.dll
2013-09-12 02:04 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-12 02:04 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-12 02:04 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-12 02:04 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2013-09-12 02:04 - 2013-06-10 22:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2013-09-12 02:04 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-09-12 02:04 - 2013-06-10 20:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-09-12 02:04 - 2013-06-10 20:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-09-12 02:04 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-09-12 02:04 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-12 02:04 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-12 02:04 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2013-09-12 02:03 - 2013-08-03 05:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-09-08 09:58 - 2013-09-08 09:58 - 00299488 _____ C:\Windows\Minidump\090813-20968-01.dmp
2013-09-07 21:02 - 2013-09-07 21:02 - 00307144 _____ C:\Windows\Minidump\090713-24000-01.dmp
2013-09-07 14:35 - 2013-09-07 14:35 - 00000000 ____D C:\Users\Oliver Krecek\Documents\CyberLink
2013-09-07 14:35 - 2013-09-07 14:35 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Local\Cyberlink
2013-09-06 14:32 - 2013-09-06 14:32 - 00307632 _____ C:\Windows\Minidump\090613-26281-01.dmp
2013-08-31 09:11 - 2013-08-31 09:11 - 00305656 _____ C:\Windows\Minidump\083113-24078-01.dmp
2013-08-30 07:59 - 2013-08-30 07:59 - 00305128 _____ C:\Windows\Minidump\083013-43250-01.dmp
2013-08-29 16:16 - 2013-08-29 16:16 - 00305160 _____ C:\Windows\Minidump\082913-35140-01.dmp
2013-08-25 09:02 - 2013-08-25 09:03 - 11390192 _____ C:\Users\Oliver Krecek\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe
2013-08-25 08:59 - 2013-08-25 08:59 - 18854112 _____ C:\Users\Oliver Krecek\Downloads\CommunicatorPlugin_404.exe
2013-08-25 08:09 - 2013-08-25 08:09 - 13537920 _____ C:\Users\Oliver Krecek\Downloads\ANTAgent_234.exe
2013-08-25 07:13 - 2013-08-25 07:13 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Local\Garmin
2013-08-25 07:13 - 2013-08-25 07:13 - 00000000 ____D C:\ProgramData\Garmin
2013-08-25 07:12 - 2013-08-25 09:03 - 00000000 ____D C:\Program Files (x86)\Garmin
2013-08-25 07:12 - 2013-08-25 07:13 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Roaming\Garmin
2013-08-25 07:12 - 2013-08-25 07:12 - 00000000 ____D C:\Program Files\DIFX
2013-08-25 07:10 - 2013-08-25 07:11 - 46781480 _____ C:\Users\Oliver Krecek\Downloads\TrainingCenter_365.exe
2013-08-23 07:23 - 2013-08-23 07:23 - 00300808 _____ C:\Windows\Minidump\082313-28734-01.dmp
2013-08-22 18:48 - 2013-08-22 18:48 - 00308520 _____ C:\Windows\Minidump\082213-31531-01.dmp
2013-08-18 11:30 - 2013-08-18 11:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-09-16 18:57 - 2013-09-16 18:57 - 00000000 ____D C:\FRST
2013-09-16 17:53 - 2013-09-16 17:53 - 00000297 _____ C:\ProgramData\8zwl8z1tj6.reg
2013-09-16 17:53 - 2013-09-16 17:17 - 95025368 ____T C:\ProgramData\8zwl8z1tj6.pff
2013-09-16 17:53 - 2013-09-16 17:17 - 00000000 _____ C:\ProgramData\8zwl8z1tj6.ctrl
2013-09-16 17:53 - 2013-06-23 09:16 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Local\FreePDF_XP
2013-09-16 17:53 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\sru
2013-09-16 17:52 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-16 17:29 - 2012-11-01 07:52 - 02019673 _____ C:\Windows\WindowsUpdate.log
2013-09-16 17:26 - 2013-03-29 21:43 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3158331690-901833896-3757665153-1002
2013-09-16 17:19 - 2013-03-30 00:14 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Roaming\SoftGrid Client
2013-09-16 17:17 - 2013-09-16 17:17 - 00192892 _____ (Daniel Pistelli) C:\ProgramData\6jt1z8lwz8.plz
2013-09-16 17:17 - 2013-09-16 17:17 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\8zwl8z1tj6.pzz
2013-09-16 16:04 - 2013-03-30 01:58 - 00000000 ____D C:\Users\Oliver Krecek\Documents\Outlook-Dateien
2013-09-15 17:59 - 2013-03-30 09:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-15 10:09 - 2013-09-15 10:09 - 00607744 ____N C:\Users\Oliver Krecek\Desktop\Lauftagebuch.xls
2013-09-15 09:06 - 2013-03-29 23:43 - 01732096 ___SH C:\Users\Oliver Krecek\Desktop\Thumbs.db
2013-09-15 08:42 - 2013-03-30 09:46 - 00005159 _____ C:\Windows\ULEAD32.INI
2013-09-14 10:03 - 2013-09-14 10:03 - 00001116 _____ C:\Users\Public\Desktop\Reiserführer AMI.lnk
2013-09-14 10:03 - 2013-09-14 10:03 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Roaming\7d4c316f1b70d0ac68316da554a221bb
2013-09-14 10:02 - 2013-09-14 10:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-09-14 10:02 - 2013-09-14 10:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-09-14 10:02 - 2013-09-14 10:02 - 00000000 ____D C:\Program Files (x86)\aqua
2013-09-14 10:02 - 2013-03-30 00:06 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Local\Adobe
2013-09-14 10:02 - 2013-03-29 21:37 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Roaming\Adobe
2013-09-14 10:02 - 2012-11-01 08:13 - 00000000 ____D C:\ProgramData\Adobe
2013-09-14 10:02 - 2012-11-01 08:13 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-09-14 07:49 - 2013-03-30 13:56 - 00000000 ____D C:\Program Files (x86)\StarMoney Business 6.0
2013-09-14 07:28 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-09-14 07:07 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\System32\config\ELAM
2013-09-14 07:02 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2013-09-14 07:01 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2013-09-14 07:01 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-14 07:00 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\oobe
2013-09-14 06:59 - 2013-09-14 06:59 - 00410288 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-14 06:59 - 2013-09-14 06:59 - 00305216 _____ C:\Windows\Minidump\091413-44562-01.dmp
2013-09-14 06:59 - 2013-07-10 10:06 - 00000000 ____D C:\Windows\Minidump
2013-09-14 06:58 - 2013-07-10 10:06 - 885049272 _____ C:\Windows\MEMORY.DMP
2013-09-13 17:39 - 2013-03-30 00:13 - 01774862 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-13 17:39 - 2013-03-30 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-13 17:39 - 2012-10-31 23:46 - 00753578 _____ C:\Windows\System32\perfh007.dat
2013-09-13 17:39 - 2012-10-31 23:46 - 00156012 _____ C:\Windows\System32\perfc007.dat
2013-09-12 18:12 - 2013-03-29 23:37 - 00000000 ____D C:\Update
2013-09-12 18:03 - 2013-03-29 23:11 - 79143768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-09-12 17:50 - 2012-11-01 07:30 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-09-11 02:59 - 2013-03-30 09:37 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-08 09:58 - 2013-09-08 09:58 - 00299488 _____ C:\Windows\Minidump\090813-20968-01.dmp
2013-09-07 21:02 - 2013-09-07 21:02 - 00307144 _____ C:\Windows\Minidump\090713-24000-01.dmp
2013-09-07 14:35 - 2013-09-07 14:35 - 00000000 ____D C:\Users\Oliver Krecek\Documents\CyberLink
2013-09-07 14:35 - 2013-09-07 14:35 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Local\Cyberlink
2013-09-07 14:35 - 2013-06-03 17:08 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Roaming\CyberLink
2013-09-07 14:35 - 2012-11-01 08:24 - 00000000 ____D C:\ProgramData\CyberLink
2013-09-06 14:32 - 2013-09-06 14:32 - 00307632 _____ C:\Windows\Minidump\090613-26281-01.dmp
2013-09-06 14:32 - 2013-03-29 21:35 - 00000000 ____D C:\users\Oliver Krecek
2013-09-05 21:09 - 2013-03-29 23:29 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-05 21:09 - 2013-03-29 23:29 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-01 17:35 - 2013-03-31 09:43 - 00000030 _____ C:\Windows\iedit.INI
2013-09-01 16:09 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\NDF
2013-08-31 12:05 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-31 09:11 - 2013-08-31 09:11 - 00305656 _____ C:\Windows\Minidump\083113-24078-01.dmp
2013-08-30 07:59 - 2013-08-30 07:59 - 00305128 _____ C:\Windows\Minidump\083013-43250-01.dmp
2013-08-29 16:16 - 2013-08-29 16:16 - 00305160 _____ C:\Windows\Minidump\082913-35140-01.dmp
2013-08-26 18:00 - 2012-07-26 08:28 - 01746928 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-25 09:03 - 2013-08-25 09:02 - 11390192 _____ C:\Users\Oliver Krecek\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe
2013-08-25 09:03 - 2013-08-25 07:12 - 00000000 ____D C:\Program Files (x86)\Garmin
2013-08-25 08:59 - 2013-08-25 08:59 - 18854112 _____ C:\Users\Oliver Krecek\Downloads\CommunicatorPlugin_404.exe
2013-08-25 08:09 - 2013-08-25 08:09 - 13537920 _____ C:\Users\Oliver Krecek\Downloads\ANTAgent_234.exe
2013-08-25 07:13 - 2013-08-25 07:13 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Local\Garmin
2013-08-25 07:13 - 2013-08-25 07:13 - 00000000 ____D C:\ProgramData\Garmin
2013-08-25 07:13 - 2013-08-25 07:12 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Roaming\Garmin
2013-08-25 07:12 - 2013-08-25 07:12 - 00000000 ____D C:\Program Files\DIFX
2013-08-25 07:11 - 2013-08-25 07:10 - 46781480 _____ C:\Users\Oliver Krecek\Downloads\TrainingCenter_365.exe
2013-08-23 14:47 - 2013-04-08 16:03 - 00000000 ____D C:\Users\Oliver Krecek\AppData\Roaming\HpUpdate
2013-08-23 07:23 - 2013-08-23 07:23 - 00300808 _____ C:\Windows\Minidump\082313-28734-01.dmp
2013-08-22 18:48 - 2013-08-22 18:48 - 00308520 _____ C:\Windows\Minidump\082213-31531-01.dmp
2013-08-22 18:47 - 2013-03-29 23:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-21 05:12 - 2013-09-12 17:51 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-21 05:12 - 2013-09-12 17:51 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-21 05:11 - 2013-09-12 17:52 - 19246592 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 00915968 _____ (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-21 05:11 - 2013-09-12 17:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-21 03:34 - 2013-09-12 17:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-21 03:06 - 2013-09-12 17:51 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-21 03:06 - 2013-09-12 17:51 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-21 03:06 - 2013-09-12 17:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-21 03:05 - 2013-09-12 17:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-21 02:43 - 2013-09-12 17:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-21 00:52 - 2013-09-12 17:51 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-18 11:30 - 2013-08-18 11:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

Files to move or delete:
====================
C:\ProgramData\6jt1z8lwz8.plz
C:\ProgramData\8zwl8z1tj6.ctrl
C:\ProgramData\8zwl8z1tj6.reg


Some content of TEMP:
====================
C:\Users\Oliver Krecek\AppData\Local\Temp\FreemakeVideoConverter_4.0.1.1.exe
C:\Users\Oliver Krecek\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\Oliver Krecek\AppData\Local\Temp\npynxaxmkjjvxchwicx.bfg
C:\Users\Oliver Krecek\AppData\Local\Temp\PixelPlanetpdrv7.dll
C:\Users\Oliver Krecek\AppData\Local\Temp\PixelPlanetpdui7.dll
C:\Users\Oliver Krecek\AppData\Local\Temp\uninst1.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

7
Restore point made on: 2013-08-23 07:04:14
Restore point made on: 2013-08-31 09:27:46
Restore point made on: 2013-09-01 13:35:54
Restore point made on: 2013-09-07 21:14:33
Restore point made on: 2013-09-08 10:04:05
Restore point made on: 2013-09-12 17:50:04
Restore point made on: 2013-09-15 07:59:44

==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 6023.27 MB
Available physical RAM: 5257.21 MB
Total Pagefile: 6023.27 MB
Available Pagefile: 5266.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:434.68 GB) (Free:155.47 GB) NTFS
Drive d: (USB-STICK) (Removable) (Total:1.88 GB) (Free:1.21 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 3407EBEE)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 6E652072)
No partition Table on disk 1.


LastRegBack: 2013-09-10 02:00

==================== End Of Log ============================
Für Anweisungen zum weiteren Vorgehen wäre ich sehr dankbar...

Viele Grüße
Oliver

aharonov 16.09.2013 18:46
Hallo Oliver,

startet der Rechner nach diesem Fix wieder normal?


Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Oliver Krecek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8zwl8z1tj6.lnk
C:\Users\Oliver Krecek\AppData\Local\Temp\npynxaxmkjjvxchwicx.bfg
2013-09-16 17:53 - 2013-09-16 17:53 - 00000297 _____ C:\ProgramData\8zwl8z1tj6.reg
2013-09-16 17:17 - 2013-09-16 17:53 - 95025368 ____T C:\ProgramData\8zwl8z1tj6.pff
2013-09-16 17:17 - 2013-09-16 17:53 - 00000000 _____ C:\ProgramData\8zwl8z1tj6.ctrl
2013-09-16 17:17 - 2013-09-16 17:17 - 00192892 _____ (Daniel Pistelli) C:\ProgramData\6jt1z8lwz8.plz
2013-09-16 17:17 - 2013-09-16 17:17 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\8zwl8z1tj6.pzz
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Wayne123 16.09.2013 19:25
Hallo Leo,

danke für Deine Hilfe.

Leider startet der Rechner nur im abgesicherten Modus ohne Probleme.

Beim normalen Start wird wieder das Fenster mit "Gesellschaft zur Verfügung von Urheberrechtsverletzungen" angezeigt und dieses Fenster ist dann eingefroren.

Hier der Inhalt der Fixlog.txt:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-09-2013 01
Ran by SYSTEM at 2013-09-16 20:14:15 Run:1
Running from D:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
C:\Users\Oliver Krecek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8zwl8z1tj6.lnk
C:\Users\Oliver Krecek\AppData\Local\Temp\npynxaxmkjjvxchwicx.bfg
2013-09-16 17:53 - 2013-09-16 17:53 - 00000297 _____ C:\ProgramData\8zwl8z1tj6.reg
2013-09-16 17:17 - 2013-09-16 17:53 - 95025368 ____T C:\ProgramData\8zwl8z1tj6.pff
2013-09-16 17:17 - 2013-09-16 17:53 - 00000000 _____ C:\ProgramData\8zwl8z1tj6.ctrl
2013-09-16 17:17 - 2013-09-16 17:17 - 00192892 _____ (Daniel Pistelli) C:\ProgramData\6jt1z8lwz8.plz
2013-09-16 17:17 - 2013-09-16 17:17 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\8zwl8z1tj6.pzz
       
*****************

C:\Users\Oliver Krecek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8zwl8z1tj6.lnk => Moved successfully.
C:\Users\Oliver Krecek\AppData\Local\Temp\npynxaxmkjjvxchwicx.bfg => Moved successfully.
C:\ProgramData\8zwl8z1tj6.reg => Moved successfully.
C:\ProgramData\8zwl8z1tj6.pff => Moved successfully.
C:\ProgramData\8zwl8z1tj6.ctrl => Moved successfully.
C:\ProgramData\6jt1z8lwz8.plz => Moved successfully.
C:\ProgramData\8zwl8z1tj6.pzz => Moved successfully.

==== End of Fixlog ====
Hallo Leo,

sorry, ich hatte den Neustart nur vor dem erneuten ausführen der FRST.exe getestet. Nun habe ich den Rechner nach dem durchführen der FRST.exe neu gestartet und siehe da, der eingefrorene Bildschirm wird nicht mehr angezeigt. Danke...!

Soll ich nun den AdwCleaner, das Junkware Removal Tool und Farbar's Recovery Scan Tool runterladen und ausführen?

aharonov 16.09.2013 19:29
Verschiebe die frst64.exe vom USB-Stick auf den Desktop.
  • Starte dann FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.

Wayne123 16.09.2013 19:48
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo Leo,

ich bin wie beschrieben vorgegangen und habe die frst64.exe vom Desktop aus gestartet. Nun rödelt das Programm aber schon eine ganze Weile, was mich irritiert ist der Hinweis "Getting Application errors: 17513" links oben:

Anhang 60241

Ist das normal?

aharonov 16.09.2013 20:15
Schiess den Scan mal ab, lade FRST neu herunter und versuch es nochmals. Klappt es dann?

Wayne123 16.09.2013 20:32
Das Programm läuft immer noch (seit ca. 45 Minuten). Eine FRST.txt wurde nicht auf dem Desktop angelegt aber die Addition.txt.

Hier der Inhalt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 01
Ran by Oliver Krecek at 2013-09-16 20:33:56
Running from C:\Users\Oliver Krecek\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe AIR (x32 Version: 3.8.0.1430)
Adobe Flash Media Live Encoder 3.2 (x32 Version: 3.2.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Apple Application Support (x32 Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
AuthenTec TrueSuite (Version: 6.0.400.35)
AuthenTec WinBio FingerPrint Software 64-bit (Version: 3.4.0.1009)
Bitdefender Internet Security 2013 (Version: 16.28.0.1789)
Bonjour (Version: 3.0.0.10)
Bradenton - Anna Maria Island - Longboat Key - German Visitor G (x32 Version: 1.0.4)
Bradenton - Anna Maria Island - Longboat Key - German Visitor Guide (x32 Version: 1.0.4)
Crimson Editor SVN286 (x32 Version: SVN286)
cyberJack Base Components (x32 Version: 6.10.0)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923)
CyberLink PowerDVD (x32 Version: 9.0.5601.52)
D3DX10 (x32 Version: 15.4.2368.0902)
DATA BECKER Plugin Aufmacher pro (x32)
DATA BECKER Plugin Fototisch (x32)
DATA BECKER Plugin Newsletter (x32)
DATA BECKER Plugin Pictomat (x32 Version: 8.0.0.0)
DATA BECKER Plugin Slider (x32)
DATA BECKER Plugin Web App (x32)
DATA BECKER web to date 8 (x32 Version: 8.0.0.2377)
DATA BECKER web to date 8s (x32 Version: 8.0.0.2533)
Dolby Home Theater v4 (x32 Version: 7.2.8000.17)
FDUx86 (x32 Version: 1.0.0)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.26.0)
Fotogalerie (x32 Version: 16.4.3505.0912)
Freemake Video Converter Version 4.0.1 (x32 Version: 4.0.1)
FreePDF (Remove only) (x32)
Garmin ANT Agent (Version: 2.3.4)
Garmin Training Center (x32 Version: 3.6.5)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Garmin WebUpdater (x32 Version: 2.5.6)
GIMP 2.8.4 (Version: 2.8.4)
GPL Ghostscript (Version: 9.07)
HP ENVY 110 series - Grundlegende Software für das Gerät (Version: 28.0.1315.0)
HP ENVY 110 series Hilfe (x32 Version: 140.0.2.2)
HP Update (x32 Version: 5.003.003.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
IcoFX 1.6.4 (x32)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.5.0.0344)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.5.0.0248)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) WiDi (Version: 3.5.40.0)
Intel® AT Service signup (x32 Version: 2.0.0.3)
Intel® PROSet/Wireless WiFi-Software (Version: 15.05.1000.1411)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Ipswitch WS_FTP Pro Uninstall (x32)
IrfanView (remove only) (x32 Version: 4.35)
iTunes (Version: 11.0.2.26)
Java Auto Updater (x32 Version: 2.1.6.0)
Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50)
Java(TM) 7 Update 5 (x32 Version: 7.0.50)
KUx86 (x32 Version: 1.0.0)
MAGIX 3D Maker (embeded) (x32 Version: 6.0.0.8)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (x32 Version: 6.0.1.4)
MAGIX Video deluxe 16 Premium 9.0.0.54 (D) (x32 Version: 9.0.0.54)
MAGIX Xtreme Foto Designer 6 (x32 Version: 6.0.29.0)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Home and Business 2010 - Deutsch (x32 Version: 14.0.6134.5007)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.6122.5000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.6122.5000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA Optimus 1.12.12 (Version: 1.12.12)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Opera 12.15 (x32 Version: 12.15.1748)
PDF24 Creator 5.6.0 (x32)
PDFCreator (x32 Version: 1.7.0)
Photo Gallery (x32 Version: 16.4.3505.0912)
PrintKey2000 (x32)
Protect Disc License Helper 1.0.125 (IE) (HKCU Version: 1.0.125)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14)
QuickTime (x32 Version: 7.73.80.64)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6738)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)
RedMon - Redirection Port Monitor
Restore (x32 Version: 1.0.0)
Safari (x32 Version: 5.34.57.2)
Shared C Run-time for x64 (Version: 10.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
StarMoney (x32 Version: 1.0)
StarMoney (x32 Version: 4.0.0.203)
StarMoney Business 6.0  (x32 Version: 6.0)
Steuer 2012 (x32 Version: 20.00.8137)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
TomTom HOME (x32 Version: 2.9.5)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
Topfield Tools (x32)
Topfield Windows Applications (x32 Version: 1)
Ulead PhotoImpact 5 (x32)
VAIO - Xperia Link (x32 Version: 1.0.0.08170)
VAIO Care (Version: 8.0.0.08150)
VAIO Control Center (x32 Version: 6.0.0.08200)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270)
VAIO Easy Connect (x32 Version: 1.2.0.08150)
VAIO Gate (x32 Version: 3.0.0.08140)
VAIO Gate Default (x32 Version: 3.0.0.08060)
VAIO Gesture Control (x32 Version: 2.0.0.08240)
VAIO Image Optimizer (x32 Version: 3.0.00.08170)
VAIO Improvement (x32 Version: 2.0.0.08090)
VAIO Media Server Settings (Version: 1.0.0.08240)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)
VAIO Update (x32 Version: 6.3.0.08010)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)
VAIO-Handbuch (x32 Version: 3.0.0.08100)
VAIO-Support für Übertragungen (x32 Version: 1.8.0.08212)
VCCx64 (Version: 1.0.0)
VCCx86 (x32 Version: 1.0.0)
VGClientX64 (Version: 1.0.0)
VHD (x32 Version: 1.0.0)
VIx64 (Version: 1.0.0)
VIx86 (x32 Version: 1.0.0)
VMLx86 (x32 Version: 1.0.0)
VPMx64 (Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (x32 Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VUx64 (Version: 1.0.0)
VUx86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows-Treiberpaket - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (Version: 02/06/2007 3.1)
XnView 2.00 (x32 Version: 2.00)
XperiaLinkx86 (x32 Version: 1.0.0)

==================== Restore Points  =========================

23-08-2013 06:03:55 Geplanter Prüfpunkt
07-09-2013 20:14:13 Geplanter Prüfpunkt
12-09-2013 16:49:47 Installiert VAIO Update
15-09-2013 06:59:17 PixelPlanet PdfPrinter 7 (64bit) wurde entfernt.

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05CEF54B-C899-4AE4-B2DA-714847B04467} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {08A72C0C-CCB6-4AC8-AC04-A96DBE0A5509} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {14FA5AC3-5C70-4D73-A6AC-51095B760E73} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {16555594-EF1F-4965-9329-2A638EFAF5F7} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {18F04797-05DD-46A4-85F6-E7F3EE4E6347} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2013-08-16] (Microsoft Corporation)
Task: {2B24B882-3045-496C-AC76-5A7340D48CD3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {30180746-52B6-4B0C-93F7-943C0E7CF0D1} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {38DC324A-4A8B-49A5-80FE-DC57D9E41478} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3B4D1D70-DDC5-4ECD-9103-F1D1B7663F55} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-08-01] (Sony Corporation)
Task: {3B6FD396-79B1-43B1-9D43-6D55C9C91CEC} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {435B72B7-0446-4D73-B9D8-D747F5A99B4A} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {45575957-0B37-4A79-A33B-FAC578145095} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {480294BB-0605-4420-A76B-3B32B022F226} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {49DE41EF-E97E-42DC-B876-2CACDBDABFFC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5688F493-FB79-41C7-BEE0-AF6A7859250D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {590C6400-6446-4CBA-9381-571D278FE848} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {5920DFE0-559C-49F2-992E-0AEBEC9867FD} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {6097393D-08B6-48E8-A09D-50002190D245} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6278D76D-0446-4568-B9E4-9B696CBCF220} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {63B66376-9690-402B-923B-A268D1CA379F} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3158331690-901833896-3757665153-1002 => C:\Windows\System32\portabledeviceapi.dll [2012-07-26] (Microsoft Corporation)
Task: {667637F6-7508-4A5C-AF07-9299FA288D0F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {7101A8DB-6408-4309-AF20-1E2E12B1FABA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {73C11353-1B6C-4056-A506-617D253E067B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {747E90F6-F93C-47CE-8F35-CE2B4EA2C74D} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7E4F36E1-20EB-488E-98FE-5DA73A213B0B} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8F39CA9F-0CBF-4DA8-B665-F750670D6A6E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {90CA5097-0979-4D6C-830E-425BEE88FC90} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9A134968-AD01-40A1-A762-F11439A430FB} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {A6430062-2253-4A78-9874-C7CEDE8916C9} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2013-08-16] (Microsoft Corporation)
Task: {A78038AB-2F27-49A8-AC2B-B60911CA1A6B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF0BCC17-86B5-46C3-B707-9CA5F5A24BB1} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B35B4EC4-EE8D-46F3-B579-EF1565A972D0} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {B694EA2C-54BC-425B-A0AF-8FA63BC96525} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BC96B551-2DEC-4FC2-AC8E-6551675D5F43} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3158331690-901833896-3757665153-1002
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation)
Task: {C7917EB2-5057-4D4E-B604-314242703D55} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {CA9E6840-4DDD-4933-B40C-773D2A8C3698} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D5A98E37-90EA-4E7E-87E9-CAF5050B8C0F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E5153DFF-787B-43A9-8578-AC4C8D75B881} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-11-01 08:40 - 2013-03-15 07:53 - 01118776 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvumdshimx.dll
2012-11-01 08:40 - 2013-03-15 07:53 - 00250504 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvinitx.dll
2012-11-01 08:40 - 2013-03-15 07:53 - 02864144 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\nvapi64.dll
2012-11-01 08:41 - 2013-03-15 06:16 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2012-08-21 21:01 - 2012-08-21 03:37 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-11-01 08:41 - 2013-03-15 06:16 - 00076064 _____ (NVIDIA Corporation) C:\Windows\SYSTEM32\Nv3DAppShExtR.dll
2012-11-01 09:25 - 2012-08-14 19:54 - 00064168 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll
2012-11-01 08:41 - 2013-03-15 06:16 - 01016096 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 02493288 _____ (AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\biolayer.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 00171880 _____ (AuthenTec) C:\Program Files\AuthenTec TrueSuite\TSLog.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 03953512 _____ (HP) C:\Program Files\AuthenTec TrueSuite\TrueSuiteDlg.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 02388840 _____ (AuthenTec, Inc.) C:\Program Files\AuthenTec TrueSuite\EnumWindowsUsers.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 02553192 _____ (AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\AutoSoftwareUpdate.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 01136488 _____ () C:\Program Files\AuthenTec TrueSuite\DataManager.dll
2012-07-16 07:59 - 2012-07-16 07:59 - 06593384 _____ (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueAPI.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 00087400 _____ () C:\Program Files\AuthenTec TrueSuite\ssutil.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 00449384 _____ (Authentec Inc.) C:\Program Files\AuthenTec TrueSuite\TokenMachine.dll
2012-11-01 08:57 - 2012-08-09 11:06 - 00157352 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\viaggregator.dll
2012-11-01 08:35 - 2012-08-03 05:34 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-03-30 01:04 - 2012-11-08 08:33 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2012-11-01 08:37 - 2012-08-08 16:12 - 11554688 _____ (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll
2012-11-01 08:37 - 2012-08-09 18:45 - 02798464 _____ (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\Resources\deu.dll
2012-08-21 21:01 - 2012-08-21 03:25 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-03-30 15:52 - 2013-02-26 17:16 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2013-03-30 15:52 - 2012-11-08 19:07 - 03359248 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) C:\Program Files\Bitdefender\Bitdefender 2013\htmlayout.dll
2012-10-17 04:28 - 2012-10-17 04:28 - 02965096 _____ (TODO: <Company name>) C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationUI.dll
2012-08-31 20:22 - 2012-08-31 20:22 - 01080560 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4c.dll
2012-08-31 20:22 - 2012-08-31 20:22 - 00040688 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\Dolby.Interop.dll
2013-03-30 01:04 - 2012-11-08 08:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2012-08-31 20:21 - 2012-08-31 20:21 - 00020208 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\de\pcee4c.resources.dll
2013-03-30 00:39 - 2013-08-01 10:24 - 00031280 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgentPS64.dll
2013-03-30 00:39 - 2013-08-01 10:24 - 00017984 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\InternetWrapperPS.dll
2012-11-01 10:10 - 2012-11-01 10:10 - 00294592 _____ (Sony Corporation) C:\Windows\Microsoft.Net\assembly\GAC_64\VAIOCareToolkit\v4.0_8.0.0.8080__6b746f706d1a5a7d\VAIOCareToolkit.dll
2012-11-01 08:40 - 2012-08-29 08:04 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-08-15 19:26 - 2012-08-15 19:26 - 00130752 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\de-DE\VCSystemTray.resources.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00037056 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\IntelMonitor\IntelMonitorBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00032960 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\CommonPlugin\CommonPluginBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00239808 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\VAIOCare.Utilities.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00025280 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\MetricsPhilatelist\MetricsPhilatelistBL.dll
2012-08-08 21:59 - 2012-08-08 21:59 - 00025280 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Notification\NotificationBL.dll
2012-08-08 21:59 - 2012-08-08 21:59 - 00010944 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Notification\NotificationAPI.dll
2012-08-08 21:59 - 2012-08-08 21:59 - 00431808 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Notification\NotificationPL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00018112 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\LaunchBrowser\LaunchBrowserBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00016576 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SystemSupport\SystemSupportBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00098496 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\NetworkDiagnostics\NetworkDiagnosticsBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00019136 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\NetworkDiagnostics\NetworkDiagnosticsAPI.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00169664 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\AboutVAIOHub\AboutVAIOHubPL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00382656 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SoftwareHub\SoftwareHubPL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00029376 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SelfHeal\SelfHealBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00012992 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\SelfHeal\SelfHealAPI.dll
2012-08-08 21:59 - 2012-08-08 21:59 - 00036544 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\SelfHeal.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00089792 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\AdvancedTools\AdvancedToolsBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00016576 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\AdvancedTools\AdvancedToolsAPI.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00028352 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Libraries\IoloToolOpt.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00033472 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\ContactAndSupport\ContactAndSupportBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00015040 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\ContactAndSupport\ContactAndSupportAPI.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00033984 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\History\HistoryBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00011968 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\History\HistoryAPI.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00023744 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\BatteryCheck\BatteryCheckBL.dll
2012-08-08 21:59 - 2012-08-08 21:59 - 00179392 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\OneClickCare\OneClickCareBL.dll
2012-08-08 21:59 - 2012-08-08 21:59 - 00033472 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\OneClickCare\OneClickCareAPI.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00050880 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Message\MessageBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00026304 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\DownloadManager\DownloadManagerBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00043712 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Solve\SolveBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00017600 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\Solve\SolveAPI.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00017600 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\GenericVAIOCareReminders\GenericVAIOCareRemindersBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00014528 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\UploadManager\UploadManagerBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00017600 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\VAIOCareUpdateCommon\VAIOCareUpdateCommonBL.dll
2012-08-08 21:48 - 2012-08-08 21:48 - 00034496 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Plugins\VAIOCareUpdate\VAIOCareUpdateBL.dll
2012-07-17 03:53 - 2012-07-17 03:53 - 00278376 _____ (AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\x86\BioLayerAdapter.dll
2012-07-17 03:53 - 2012-07-17 03:53 - 00150888 _____ (AuthenTec) C:\Program Files\AuthenTec TrueSuite\x86\TSLog.dll
2012-07-17 03:53 - 2012-07-17 03:53 - 01856360 _____ (AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\x86\biolayer.dll
2012-07-17 03:53 - 2012-07-17 03:53 - 00905064 _____ () C:\Program Files\AuthenTec TrueSuite\x86\DataManager.dll
2012-07-16 07:59 - 2012-07-16 07:59 - 05901160 _____ (AuthenTec, Inc.) C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll
2013-02-15 18:19 - 2013-02-15 18:19 - 00204800 _____ (GARMIN Corp.) C:\Program Files (x86)\Garmin\ANT Agent\ant agentDEU.dll
2013-01-25 16:00 - 2013-01-25 16:00 - 00090112 _____ (Silicon Laboratories, Inc.) C:\Program Files (x86)\Garmin\ANT Agent\DSI_SiUSBXp_3_1.DLL
2012-11-01 08:52 - 2012-06-12 18:40 - 00104584 _____ (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2012-11-01 09:24 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 00053648 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 14:08 - 2013-01-28 14:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\SYSTEM32\dnssd.dll
2013-06-23 10:39 - 2013-06-10 12:08 - 00057384 _____ (Geek Software GmbH) C:\Program Files (x86)\PDF24\Settings.dll
2013-06-23 10:39 - 2013-06-10 12:08 - 00395304 _____ (Geek Software GmbH) C:\Program Files (x86)\PDF24\NotifyIcon.dll
2013-06-23 10:39 - 2013-06-10 12:08 - 00047144 _____ (Geek Software GmbH) C:\Program Files (x86)\PDF24\Language.dll
2013-06-23 10:39 - 2013-06-10 12:08 - 00383016 _____ (Geek Software GmbH) C:\Program Files (x86)\PDF24\About.dll
2013-08-18 12:30 - 2013-08-18 12:30 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-11-01 08:40 - 2012-08-29 08:04 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-08-18 12:30 - 2013-08-18 12:30 - 03551640 _____ () c:\program files (x86)\mozilla firefox\mozjs.dll
2012-07-17 03:54 - 2012-07-17 03:54 - 01560936 _____ (AuthenTec, Inc) C:\Program Files\AuthenTec TrueSuite\x86\npffwloplugin.dll
2012-07-17 03:53 - 2012-07-17 03:53 - 01856360 _____ (AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\x86\BioLayer.dll
2012-07-17 03:53 - 2012-07-17 03:53 - 03342696 _____ (HP) C:\Program Files\AuthenTec TrueSuite\x86\TrueSuiteDlg.dll
2012-07-17 03:53 - 2012-07-17 03:53 - 01763176 _____ (AuthenTec, Inc.) C:\Program Files\AuthenTec TrueSuite\x86\EnumWindowsUsers.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\314.22-notebook-win8-win7-64bit-international-whql.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\ANTAgent_234.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\aufmacherpro.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\CommunicatorPlugin_404.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\FreemakeVideoConverterSetup_4.0.1.1.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\FreePDF4.07j.EXE:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\FreePDF4.08.EXE:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\FreeStudio.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\gimp-2.8.4-setup.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\gs904w32.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\gs907w64.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\icofxsetup164.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\iview435_setup.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\LS110_1315.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\MCPR.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\pdf24-creator-5.6.0.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\PDFCreator-1_6_2_setup.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\PDFCreator-1_7_0_setup.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\pdfprinter_setup_64bit.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\QuickTimeInstaller.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\SafariSetup-5.1.7.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\SafariSetup.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\Setup(1).exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\SMB_6_retail.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\SoftonicDownloader_fuer_wondershare-vivideo.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\swftools-0.8.1.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\TomTomHOME2winlatest.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\TrainingCenter_365.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\wlsetup-all_de_16.4.3505.0912.exe:BDU
AlternateDataStreams: C:\Users\Oliver Krecek\Downloads\XnView-win-full_2.00.exe:BDU


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2013 08:28:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Ich habe inzwischen den Scan abgeschossen, FRST neu heruntergeladen und nach einem Neustart des Rechners erneut ausgeführt. Das Ergebnis ist das gleiche, FRST bleibt an der gleichen Stelle hängen bzw. bringt wieder den gleichen Hinweis...

aharonov 16.09.2013 20:35
Und wenn du den Scan im abgesicherten Modus versuchst? Bleibt er dort auch hängen?

Wayne123 16.09.2013 20:48
Ja leider, auch im abgesicherten Modus bleibt das Programm an der gleichen Stelle hängen...

Gehe ich eine Gefahr ein, wenn ich im aktuellen Zustand mit dem Rechner arbeite und Websites mit Benutzername und Passwort aufrufe (Stichwort ausspähen von Passwörtern)?

PS: Habe ich evtl. zu viele Haken im FRST gesetzt?

aharonov 16.09.2013 20:49
Wir sollten noch gründlich kontrollieren.
Wenn FRST nicht will, dann halt OTL:


Lade dir bitte OTL (von Oldtimer) herunter und speichere es auf deinen Desktop.
  • Doppelklick auf die OTL.exe.
  • Unter Extra Registry, wähle bitte Use SafeList.
  • Setze den Haken bei Scan all Users.
  • Klicke nun auf Run Scan.
  • Wenn der Scan beendet ist, werden 2 Logfiles (OTL.txt und Extras.txt) erstellt.
  • Poste den Inhalt dieser Logfiles hier in den Thread.

Wayne123 16.09.2013 21:03
Das hat geklappt...!

OTL.txt:
Code:
OTL logfile created on: 16.09.2013 21:51:33 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Oliver Krecek\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16688)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,88 Gb Total Physical Memory | 3,63 Gb Available Physical Memory | 61,71% Memory free
11,88 Gb Paging File | 9,55 Gb Available in Paging File | 80,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 434,68 Gb Total Space | 155,46 Gb Free Space | 35,76% Space Free | Partition Type: NTFS
 
Computer Name: OLI | User Name: Oliver Krecek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.09.16 21:50:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Oliver Krecek\Desktop\otl.exe
PRC - [2013.08.18 12:30:43 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013.06.13 12:51:34 | 000,663,184 | ---- | M] (Star Finanz-Software Entwicklung und Vertriebs GmbH) -- C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe
PRC - [2013.06.10 12:08:18 | 000,162,856 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013.03.14 20:57:32 | 000,373,760 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2013.02.15 18:23:34 | 014,731,776 | ---- | M] (GARMIN Corp.) -- C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
PRC - [2012.08.18 06:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012.08.18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2012.08.18 01:04:28 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2012.08.08 12:23:28 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.08.08 12:23:08 | 001,091,520 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.08.06 11:29:22 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2012.07.24 03:11:21 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.24 03:11:08 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.24 03:10:40 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.07.24 03:09:00 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.07.17 03:53:18 | 004,122,984 | ---- | M] () -- C:\Programme\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012.03.19 22:58:12 | 000,514,128 | ---- | M] (REINER SCT) -- C:\Windows\SysWOW64\cjpcsc.exe
PRC - [2010.10.28 10:10:40 | 000,189,776 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2009.05.06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [1999.09.30 21:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.09.15 18:52:18 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013.09.15 18:52:11 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3143512c68ba24d18b7444b13fae2abb\System.Windows.Forms.ni.dll
MOD - [2013.09.15 10:32:39 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013.09.15 10:31:58 | 000,197,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\1fc03f9a739f1ac6b62134debfafd32b\CustomMarshalers.ni.dll
MOD - [2013.09.05 17:43:46 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\acf905c62ab9c1b77ca69e8b745e3fdb\System.Core.ni.dll
MOD - [2013.09.05 17:42:57 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013.09.05 17:42:18 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013.08.18 12:30:42 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.01.28 14:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.01.28 14:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.08.29 08:04:12 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012.08.06 11:29:22 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
MOD - [2012.07.17 03:53:18 | 004,122,984 | ---- | M] () -- C:\Programme\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
MOD - [2012.07.17 03:53:08 | 000,905,064 | ---- | M] () -- C:\Programme\AuthenTec TrueSuite\x86\DataManager.dll
MOD - [2012.06.08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe /McCoreSvc -- (McOobeSv2)
SRV:64bit: - [2013.08.16 07:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013.06.25 00:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013.06.01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.05.01 08:15:44 | 001,646,792 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.26 17:50:29 | 000,068,856 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.08.06 11:28:56 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013.09.11 03:59:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.08.18 12:30:42 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.01 11:18:44 | 001,368,624 | ---- | M] (Sony Corporation) [On_Demand | Running] -- c:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013.06.13 12:51:34 | 000,663,184 | ---- | M] (Star Finanz-Software Entwicklung und Vertriebs GmbH) [Auto | Running] -- C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney Business 6.0 OnlineUpdate)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.26 17:22:43 | 000,069,392 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2012.08.21 03:25:13 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.08.18 06:36:14 | 000,623,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport)
SRV - [2012.08.18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012.08.08 21:48:20 | 000,056,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2012.08.08 12:23:28 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.08.08 12:23:08 | 001,091,520 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.08.08 11:56:22 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2012.08.08 11:56:18 | 000,460,512 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2012.08.08 11:23:30 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2012.08.08 11:23:30 | 000,078,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.24 03:11:21 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.24 03:11:08 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.24 03:10:40 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.07.24 03:09:00 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.07.19 19:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2012.07.18 13:14:38 | 002,699,568 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012.07.18 13:14:16 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012.07.18 13:14:04 | 000,627,504 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012.07.18 13:13:40 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2012.07.17 03:52:46 | 002,125,160 | ---- | M] (AuthenTec, Inc) [Auto | Running] -- C:\Programme\AuthenTec TrueSuite\TrueSuiteService.exe -- (FPLService)
SRV - [2012.07.17 01:38:26 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2012.07.16 07:59:12 | 000,401,256 | ---- | M] (AuthenTec, Inc.) [On_Demand | Running] -- C:\Programme\Common Files\AuthenTec\TrueService.exe -- (TrueService)
SRV - [2012.06.30 02:40:27 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.05.02 14:49:44 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012.04.20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012.03.19 22:58:12 | 000,514,128 | ---- | M] (REINER SCT) [Auto | Running] -- C:\Windows\SysWOW64\cjpcsc.exe -- (cjpcsc)
SRV - [2011.12.01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.04.05 20:07:38 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.10.28 10:10:40 | 000,189,776 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2009.05.06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.08.16 07:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013.07.09 10:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013.07.02 02:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.07.02 00:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.06.29 08:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.06.26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftvolwin7.sys -- (Sftvol)
DRV:64bit: - [2013.06.26 19:21:48 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftredirwin7.sys -- (Sftredir)
DRV:64bit: - [2013.06.26 19:21:46 | 000,768,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftfswin7.sys -- (Sftfs)
DRV:64bit: - [2013.06.26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftplaywin7.sys -- (Sftplay)
DRV:64bit: - [2013.06.10 23:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013.06.01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.06.01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.06.01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.05.04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.05.04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.05.01 08:15:49 | 000,718,840 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013.05.01 08:15:46 | 000,593,144 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013.03.15 07:53:06 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.01.29 19:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\point64.sys -- (Point64)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.26 19:05:24 | 000,075,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.12 18:11:19 | 000,082,384 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.11.02 14:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012.10.31 13:13:18 | 000,350,160 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\trufos.sys -- (trufos)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 05:51:49 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2012.10.09 19:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.10.09 19:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.10.09 19:48:48 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.10.09 19:48:48 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.10.05 02:49:28 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.10.04 14:30:19 | 000,147,232 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.21 05:12:13 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.08.21 05:09:55 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012.08.21 03:33:15 | 008,987,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.08.21 03:24:44 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.08.07 16:51:58 | 004,273,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.08.01 08:26:18 | 001,109,296 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.24 03:09:45 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.07.17 01:39:22 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.07.17 01:39:22 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.07.14 18:36:30 | 000,825,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.07.11 14:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2012.07.11 07:48:42 | 000,023,456 | ---- | M] (Bitdefender) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bdelam.sys -- (bdelam)
DRV:64bit: - [2012.07.04 13:31:40 | 000,055,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2012.07.03 07:37:04 | 000,683,664 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.06.30 02:40:47 | 000,339,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012.06.25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.11 04:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\sows.sys -- (SOWS)
DRV:64bit: - [2012.06.02 16:31:39 | 000,283,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2012.06.02 16:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
DRV:64bit: - [2012.04.24 12:01:12 | 000,110,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.03.29 11:50:26 | 000,034,672 | ---- | M] (REINER SCT) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\cjusb.sys -- (cjusb)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2007.09.06 15:53:00 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1)
DRV - [2013.05.01 08:15:31 | 000,098,768 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV - [2012.10.17 15:13:46 | 000,106,568 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=121561&babsrc=HP_ss&mntrId=38D1C8F7330CE1C2
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\..\SearchScopes,DefaultScope = {D4DCE3ED-CDF2-4B05-84C2-D3B351B0071B}
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=121561&babsrc=SP_ss&mntrId=38D1C8F7330CE1C2
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\..\SearchScopes\{D4DCE3ED-CDF2-4B05-84C2-D3B351B0071B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\..\SearchScopes\{E3348291-A1E1-45D6-86F2-492F9A9E26A4}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.38
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.41
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@authentec.com/ffwloplugin: C:\Program Files\AuthenTec TrueSuite\x86\npffwloplugin.dll (AuthenTec, Inc)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Oliver Krecek\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll File not found
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.03.30 15:52:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.18 12:30:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.03.30 15:52:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.18 12:30:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.04.27 13:12:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Extensions
[2013.04.27 13:12:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.09.08 10:35:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Firefox\Profiles\tcsmmjn4.default\extensions
[2013.09.08 10:35:03 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Firefox\Profiles\tcsmmjn4.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2013.08.25 09:58:57 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Firefox\Profiles\tcsmmjn4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013.08.30 22:43:52 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Firefox\Profiles\tcsmmjn4.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2013.05.04 14:15:26 | 000,006,506 | ---- | M] () -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\firefox\profiles\tcsmmjn4.default\searchplugins\babylon.xml
[2013.05.04 14:15:26 | 000,006,506 | ---- | M] () -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\firefox\profiles\tcsmmjn4.default\searchplugins\BrowserProtect.xml
[2013.05.04 14:14:56 | 000,001,294 | ---- | M] () -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\firefox\profiles\tcsmmjn4.default\searchplugins\delta.xml
[2013.08.18 12:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.08.18 12:30:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.04 14:14:41 | 000,006,503 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\AuthenTec TrueSuite\IEBHO.dll (AuthenTec Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll File not found
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Intel AT Service signup] c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [SMB60StarMoneyRunEntry] C:\Program Files (x86)\StarMoney Business 6.0\app\oflagent.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Premium\Trayserver.exe (MAGIX AG)
O4 - HKU\S-1-5-21-3158331690-901833896-3757665153-1002..\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKU\S-1-5-21-3158331690-901833896-3757665153-1002..\Run: [HP ENVY 110 series (NET)] C:\Program Files\HP\HP ENVY 110 series\Bin\scantopcactivationapp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-3158331690-901833896-3757665153-1002..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E72C20D-58BC-49A4-978D-3973252719F1}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6759444A-8505-41B3-9306-C9A9F6AD668B}: DhcpNameServer = 10.100.26.2
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.16 21:50:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Oliver Krecek\Desktop\OTL.exe
[2013.09.16 21:19:45 | 001,951,262 | ---- | C] (Farbar) -- C:\Users\Oliver Krecek\Desktop\FRST64.exe
[2013.09.16 20:31:35 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\Desktop\Downloads
[2013.09.16 19:57:09 | 000,000,000 | ---D | C] -- C:\FRST
[2013.09.14 11:03:06 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\AppData\Roaming\7d4c316f1b70d0ac68316da554a221bb
[2013.09.14 11:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\aqua
[2013.09.14 11:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.09.12 18:53:04 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSService.dll
[2013.09.12 18:53:04 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2013.09.12 18:53:04 | 000,209,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2013.09.12 18:53:03 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2013.09.12 18:53:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2013.09.12 18:53:02 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.09.12 18:53:02 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2013.09.12 18:53:02 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2013.09.12 18:53:02 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2013.09.12 18:53:02 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2013.09.12 18:53:01 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013.09.12 18:53:00 | 001,621,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.09.12 18:53:00 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSSync.dll
[2013.09.12 18:53:00 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
[2013.09.12 18:52:59 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSSync.dll
[2013.09.12 18:52:59 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.09.12 18:52:59 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.09.12 18:52:59 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013.09.12 18:52:58 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013.09.12 18:52:58 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSClient.dll
[2013.09.12 18:52:58 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2013.09.12 18:52:58 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2013.09.12 18:52:58 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSClient.dll
[2013.09.12 18:52:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.09.12 18:52:58 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.09.12 18:52:58 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dam.sys
[2013.09.12 18:52:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2013.09.12 18:52:57 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013.09.12 18:52:56 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013.09.12 18:52:56 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.09.12 18:52:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcln.dll
[2013.09.12 18:52:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013.09.12 18:52:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.09.12 18:52:54 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.09.12 18:52:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2013.09.12 18:51:53 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.12 18:51:49 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.09.12 18:51:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.12 18:51:49 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.12 18:51:49 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.12 18:51:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.12 18:51:48 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.12 18:51:48 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.12 18:51:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.12 18:51:48 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.09.12 18:51:48 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.12 18:51:48 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.09.12 18:51:48 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.12 18:51:48 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.12 03:04:29 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2013.09.12 03:04:27 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2013.09.12 03:04:27 | 001,300,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013.09.12 03:04:27 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013.09.12 03:04:27 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013.09.12 03:04:26 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2013.09.12 03:04:26 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2013.09.12 03:04:26 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2013.09.12 03:04:26 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013.09.12 03:04:26 | 000,327,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2013.09.12 03:04:26 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013.09.12 03:04:26 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmsvc.dll
[2013.09.12 03:04:26 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2013.09.12 03:04:26 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.09.12 03:04:26 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmmbase.dll
[2013.09.12 03:04:26 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winmmbase.dll
[2013.09.12 03:04:26 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.09.12 03:04:26 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msgpioclx.sys
[2013.09.12 03:04:26 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2013.09.12 03:04:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcmcsp.dll
[2013.09.12 03:04:25 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013.09.12 03:04:25 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013.09.12 03:04:25 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanmm.dll
[2013.09.12 03:04:25 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013.09.12 03:04:25 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wwanadvui.dll
[2013.09.12 03:04:25 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LocationApi.dll
[2013.09.12 03:04:25 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LocationApi.dll
[2013.09.12 03:04:25 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013.09.12 03:04:25 | 000,096,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2013.09.12 03:04:25 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\openfiles.exe
[2013.09.12 03:04:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\openfiles.exe
[2013.09.07 15:35:53 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\AppData\Local\Cyberlink
[2013.09.07 15:35:47 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\Documents\CyberLink
[2013.08.25 08:13:22 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\AppData\Local\Garmin
[2013.08.25 08:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Garmin
[2013.08.25 08:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2013.08.25 08:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013.08.25 08:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2013.08.25 08:12:18 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\AppData\Roaming\Garmin
[2013.08.18 12:30:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[28 C:\Users\Oliver Krecek\Documents\*.tmp files -> C:\Users\Oliver Krecek\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.16 21:50:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Oliver Krecek\Desktop\OTL.exe
[2013.09.16 21:44:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.16 21:42:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.09.16 21:42:30 | 757,714,943 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.16 21:27:44 | 000,065,336 | ---- | M] () -- C:\Users\Oliver Krecek\Desktop\Hinweis_2.jpg
[2013.09.16 21:22:53 | 000,001,922 | ---- | M] () -- C:\Users\Oliver Krecek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 110 series (Netzwerk).lnk
[2013.09.16 21:19:45 | 001,951,262 | ---- | M] (Farbar) -- C:\Users\Oliver Krecek\Desktop\FRST64.exe
[2013.09.16 20:59:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.16 20:43:54 | 000,042,145 | ---- | M] () -- C:\Users\Oliver Krecek\Desktop\Hinweis.jpg
[2013.09.16 20:36:02 | 001,746,928 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.16 20:36:02 | 000,753,578 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.09.16 20:36:02 | 000,710,688 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.16 20:36:02 | 000,156,012 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.09.16 20:36:02 | 000,132,800 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.15 09:42:53 | 000,005,159 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2013.09.14 11:03:00 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Reiserführer AMI.lnk
[2013.09.14 07:59:02 | 000,410,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.14 07:58:59 | 885,049,272 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.09.13 18:39:18 | 001,774,862 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.09.07 15:46:23 | 009,852,542 | ---- | M] () -- C:\Users\Oliver Krecek\Desktop\accessoryoverview_en-GB.pdf
[2013.09.05 22:09:17 | 000,694,232 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.09.05 22:09:17 | 000,078,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.09.01 18:35:35 | 000,000,030 | ---- | M] () -- C:\Windows\iedit.INI
[2013.08.21 06:12:21 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.08.21 06:11:59 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.08.21 06:11:59 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.08.21 06:11:22 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.08.21 06:11:07 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.08.21 06:11:07 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.08.21 06:11:04 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.08.21 06:11:04 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.08.21 06:11:04 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.08.21 04:06:06 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.08.21 04:05:28 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.08.21 04:05:25 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.08.21 04:05:25 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.08.21 04:05:25 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[28 C:\Users\Oliver Krecek\Documents\*.tmp files -> C:\Users\Oliver Krecek\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.09.16 21:27:44 | 000,065,336 | ---- | C] () -- C:\Users\Oliver Krecek\Desktop\Hinweis_2.jpg
[2013.09.16 20:37:17 | 000,042,145 | ---- | C] () -- C:\Users\Oliver Krecek\Desktop\Hinweis.jpg
[2013.09.14 11:03:00 | 000,001,128 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aqua_bacvb2013-de.lnk
[2013.09.14 11:03:00 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Reiserführer AMI.lnk
[2013.09.14 07:59:02 | 000,410,288 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.12 18:52:47 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.09.12 18:50:46 | 000,000,982 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2013.09.12 03:04:25 | 000,387,583 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.09.07 15:46:21 | 009,852,542 | ---- | C] () -- C:\Users\Oliver Krecek\Desktop\accessoryoverview_en-GB.pdf
[2013.06.08 17:59:30 | 000,000,936 | ---- | C] () -- C:\Users\Oliver Krecek\AppData\Local\recently-used.xbel
[2013.05.04 18:52:05 | 000,007,103 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013.05.04 18:02:20 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2013.04.28 16:36:36 | 000,147,492 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013.04.08 17:03:00 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.04.06 09:26:42 | 000,000,590 | ---- | C] () -- C:\Windows\wiso.ini
[2013.04.02 19:15:57 | 000,740,362 | ---- | C] () -- C:\Windows\unins000.exe
[2013.04.02 19:15:57 | 000,311,351 | ---- | C] () -- C:\Windows\unins000.dat
[2013.03.31 10:43:36 | 000,000,030 | ---- | C] () -- C:\Windows\iedit.INI
[2013.03.30 19:05:20 | 000,000,591 | ---- | C] () -- C:\Windows\cedt.INI
[2013.03.30 16:56:09 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2013.03.30 16:56:09 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2013.03.30 15:53:44 | 000,543,497 | ---- | C] () -- C:\ProgramData\1364651054.bdinstall.bin
[2013.03.30 10:46:47 | 000,005,159 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2013.03.30 01:57:58 | 000,000,396 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2013.03.30 01:57:54 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\SerialXP.dll
[2013.03.30 01:57:54 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\win32com.dll
[2013.03.30 01:13:53 | 001,774,862 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.01 10:11:28 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.11.01 08:36:19 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.08.21 21:01:33 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.08.21 21:01:30 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.08.21 21:01:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013.05.04 14:14:13 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
Extras.Txt:
Code:
OTL Extras logfile created on: 16.09.2013 21:51:33 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Oliver Krecek\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16688)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,88 Gb Total Physical Memory | 3,63 Gb Available Physical Memory | 61,71% Memory free
11,88 Gb Paging File | 9,55 Gb Available in Paging File | 80,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 434,68 Gb Total Space | 155,46 Gb Free Space | 35,76% Space Free | Partition Type: NTFS
 
Computer Name: OLI | User Name: Oliver Krecek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04447C2B-6B9E-475D-A4F5-C7CA0EE360AD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{116B245A-75D4-470A-9EFD-5BFA23036BCF}" = rport=445 | protocol=6 | dir=out | app=system |
"{27EF02C8-A323-40F2-B892-D39DD18E7AD2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2FB14C19-656D-4C0E-B575-3891A1B3150E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3042BE86-5A46-4B9E-BB7B-CFC9929B82D0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B4324CE-4A9D-4620-9EBF-C4F2151C80A0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4167AB66-CFED-4C7C-800D-14F75D6C72ED}" = rport=138 | protocol=17 | dir=out | app=system |
"{4C844769-3539-41A8-AA4B-289A619323E1}" = lport=137 | protocol=17 | dir=in | app=system |
"{509CBFA6-CBE7-4AD5-995E-9ADF7F00430E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{55548BC2-30CE-4AFE-A5B4-CD7446045EF9}" = lport=139 | protocol=6 | dir=in | app=system |
"{566F7665-B9A7-4D74-9A72-ED1832C81C3E}" = lport=138 | protocol=17 | dir=in | app=system |
"{5922BC7E-DCA8-4EAA-B3FE-8CA11D0E141D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68FA15A0-04CF-4BAF-821E-2734CB035C59}" = rport=137 | protocol=17 | dir=out | app=system |
"{827F9456-915C-46C6-B24B-0D1966D5A245}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{88808E02-07F9-4289-B062-39DC01E7BA9E}" = lport=445 | protocol=6 | dir=in | app=system |
"{B4FD8A57-2FD7-4555-961B-637DD130C796}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B54B154D-3F6B-4EBB-B120-79ED6F388FBD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B598D933-9F09-4183-9DA8-2023411E8B03}" = rport=139 | protocol=6 | dir=out | app=system |
"{BEFD46E3-A241-430D-A980-D3B6E2174661}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C126C3C9-40CB-4A2C-9B6F-ECCDA9F9B1B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CA4E2834-B877-472E-B337-F911EABB0FB0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D20DB526-5BD4-4001-B93B-C3E6D0C597B1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FBFD055B-CA68-46BC-A9FA-F77536191BE8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E75933-3422-4750-8FCC-E061EFA8E4D5}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{0A13A351-50BC-4403-8FA8-79CF4FC7C882}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0D289B36-AA55-495D-91A4-6952D4E87C49}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15AED578-D313-48AA-9F8C-52B064C09B9D}" = dir=out | name=vaio message center |
"{17E3D6A0-A3B1-4E9C-A8D1-8728FBB0F627}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{1A7C3C9B-9007-4D36-B790-72BD99D18650}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{1F4C66D8-C92C-4D4F-A4F9-9EED23EA32A3}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{2AB65129-7148-442B-B87F-247FFCF697B6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2C0464B5-B7E6-4DCF-81F5-5F251FA7DC22}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2D328879-9D09-4F83-8FF9-73B28039DD0D}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2F32541E-FCE1-40A8-B579-3AED35A33112}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{384B0CC2-DF23-4DC0-BE7D-6434098C09AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39737874-6080-489F-B390-91DDAA4957BB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{47CB8B2E-B222-4363-820C-9E01E77D2580}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{49654D7B-EC33-4550-BFBD-7E228D1E1D9A}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{4C05FAA9-7AA0-4FB8-8512-773D77677411}" = dir=out | name=vaio care |
"{4CADD3E4-C71A-4063-B9B8-7F0CA9D3991F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4EBF4FF5-AA4B-42ED-A897-1EF38BE434D7}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney business 6.0\app\starmoney.exe |
"{53310D84-742B-4F1B-AE63-367A08C83458}" = dir=in | app=c:\program files\hp\hp envy 110 series\bin\devicesetup.exe |
"{553B8F60-0153-4CAA-A178-90B6216E2383}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{55BCDB14-A88D-4453-A109-F8B0F4B0005A}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney business 6.0\ouservice\starmoneyonlineupdate.exe |
"{578B7669-02BA-4204-97FF-80345D9702BD}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{58A1AD78-EB7A-45A4-82EB-619E400CD268}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5A866396-E947-41DD-BDC9-403A22AD8F70}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5B5C9036-D832-41BD-8AF9-9712544EA253}" = dir=in | app=c:\program files\hp\hp envy 110 series\bin\hpnetworkcommunicator.exe |
"{5D280A3E-5174-45BD-91D7-E37C063CCBF3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5E381D3A-EB62-412B-B450-D9D581D245EC}" = dir=in | name=vaio care |
"{61442791-B62A-421E-9F9A-25CDE9528B07}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{687F9203-A847-4D36-BFB9-13637FDFAC96}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{6B12A790-8177-4193-8ED6-FBBB6A23E1C7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7036712A-DB66-4C86-AC92-D530BBC05609}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{70EC03E1-93C0-4426-8306-E93D5ED3D175}" = dir=in | app=c:\program files\hp\hp envy 110 series\bin\hpnetworkcommunicatorcom.exe |
"{7330F417-F8DF-42FE-A271-C6FF1903A868}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{809B7C4C-77D2-4000-B79B-665427BB454D}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney business 6.0\ouservice\starmoneyonlineupdate.exe |
"{85124AE1-18DE-4900-B48C-5E445F805C7F}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{8A4E250F-76A2-4832-924A-3019C050FA59}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{8EF71577-7D7A-4DAE-AB91-316091A26032}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney business 6.0\app\starmoney.exe |
"{91BE56DC-FF9B-4428-8612-4BA07B72B9CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{944D7011-DF0A-4B9A-9335-47008A413868}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A5C8D447-95E9-4B6F-AC45-ACD7B3CC5F27}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AA57B34A-3FF5-495C-9183-3BBB5EE99F96}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{AC294341-CF49-4D83-9BE6-94069360C575}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B1C94B72-4AC7-4F0A-B6FE-C3A612130408}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B478E770-D35A-4560-A098-BE521E2C60E1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B86032F6-E4EC-4E3C-B245-10F5BB11DA3A}" = protocol=6 | dir=out | app=system |
"{BF113CFF-ADFF-4EC4-8FB6-E514FAEDB41A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C27A064B-6B4B-497E-BF60-6D7ED3E79D51}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{C2FAE51A-8A3F-4EB7-AEFE-31DA2715F25D}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C4F083B0-3092-43AE-AEEB-0AC6A5238AC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CC699A3C-070A-49E8-B58B-48649AB8CBF3}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{CCEB16C8-4FD9-4152-96E0-F536ACB1DA4C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFF96790-69CC-46F3-931D-602D4F5BC28E}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E1A234E4-9445-4FD4-B6BE-BFA95A57C697}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E3B34CAC-559F-41C4-91C8-40C643A76FD6}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{E3D7B7A2-6F26-48FC-90D2-9F1650A9C111}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5823A71-CCC8-466C-B102-DD756117B781}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E6F2EB62-657F-40A4-8972-1388616EDDFC}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC602FAB-02F9-4269-86C6-DB2DDD66C918}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F4AC07B4-056E-497B-9DEB-EEC38EAA00C2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FB1099A4-3EB1-4454-A84C-AC8F46E4F5D6}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{FD5AEB8D-31CA-41C2-A723-2C2998F6E2C1}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FDF39097-A0E7-4AAA-998F-1DAB6D5343D4}" = dir=out | name=windows_ie_ac_001 |
"TCP Query User{61B507FE-54E4-4F0B-AFCF-742B4D86AEE8}C:\users\oliver krecek\appdata\local\data becker\web to date 8.0\apache\apache.exe" = protocol=6 | dir=in | app=c:\users\oliver krecek\appdata\local\data becker\web to date 8.0\apache\apache.exe |
"UDP Query User{204B1EF8-8B73-441C-9BDA-1A7B0F3D8543}C:\users\oliver krecek\appdata\local\data becker\web to date 8.0\apache\apache.exe" = protocol=17 | dir=in | app=c:\users\oliver krecek\appdata\local\data becker\web to date 8.0\apache\apache.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{24F93B56-61F5-415F-85B9-AA444DA34AFC}" = Microsoft-Maus- und Tastatur-Center
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{4B432082-B58C-4035-91FB-F28D504D3148}" = VUx64
"{4E21D7C1-80CA-48A0-9983-9F60EEA70B50}" = Garmin ANT Agent
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = VSSTx64
"{5388ABD8-6E23-4498-BE10-01079387590F}" = VGClientX64
"{6097158B-0184-4140-BEC3-7885794D2571}" = Intel(R) WiDi
"{62A172B2-550E-499D-9A82-5190D18390AA}" = VAIO Media Server Settings
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{89478C31-5CE8-461A-9084-9A0AF059F84F}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{8CA09F9B-A122-4F50-9A6F-7909106019F9}" = HP ENVY 110 series - Grundlegende Software für das Gerät
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99FDAE3B-6905-45A6-8F73-595363AAD3D1}" = Intel® PROSet/Wireless WiFi-Software
"{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}" = VCCx64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B54E0BD4-0079-4AE1-831C-A7CB9F4D569D}" = AuthenTec TrueSuite
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{E0F928B4-2BB2-4D7E-B16E-2B202CB58EDE}" = VAIO Care
"{E33003B9-6A0D-4126-BD67-6FC62D643501}" = AuthenTec WinBio FingerPrint Software 64-bit
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"24DA573F901348FFDFF7717497830D45BE0C362E" = Windows-Treiberpaket - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2)
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
"Bitdefender" = Bitdefender Internet Security 2013
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1)
"GIMP-2_is1" = GIMP 2.8.4
"GPL Ghostscript 9.07" = GPL Ghostscript
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"ProInst" = Intel PROSet Wireless
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"{01159E8A-44F7-4885-A7F9-872CE4D74063}" = Steuer 2012
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{10181264-340D-4BE7-B879-3A49604A6FD1}" = VUx86
"{14AC95A2-7675-4988-A5BD-3F5B943AED08}" = VAIO Gate
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3490653F-2789-46A1-B1BF-6BD4CF4131AB}" = FDUx86
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}" = StarMoney
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{692955F2-DE9F-4078-8FAA-858D6F3A1776}" = VAIO Gesture Control
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72152D31-C74B-454A-94F1-2356A89B15C9}" = StarMoney Business 6.0
"{74B58083-B5B9-46a5-847C-248F97FF2A56}" = Topfield Tools
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7D542452-84EB-47C0-97BA-735C523AB555}" = Garmin Training Center
"{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}" = VMLx86
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.6.0
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{857087BB-A988-4462-A5C6-CF6739143B56}" = KUx86
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140011-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - Deutsch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}" = VHD
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A5557F84-D659-3DA0-6A57-FD1EE5527772}" = Bradenton - Anna Maria Island - Longboat Key - German Visitor G
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"{AA4B3623-6213-41EC-9BFB-F001D72C47A6}" = VAIO Gesture Control
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.8) MUI
"{AE1EC58E-B2AC-4959-A4C2-C38202A25239}" = Garmin WebUpdater
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF37F9DE-0726-439E-BC10-43D9195394D0}" = Firebird SQL Server - MAGIX Edition
"{B24BB74E-8359-43AA-985A-8E80C9219C70}" = VSSTx86
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B31938C7-7E97-49EE-8F88-951E156268A3}" = VCCx86
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CD49AEDB-FFB4-4A9A-A3C2-E9AF814FE6FE}" = Intel® AT Service signup
"{CD650B6A-FE79-40E0-A069-299CF6575E6B}" = XperiaLinkx86
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D4444B31-E9E9-4389-B35D-41B5BCA5E9FB}" = HP ENVY 110 series Hilfe
"{D91558BF-D1F3-411F-AEFE-8774CB406512}" = VAIO - Xperia Link
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}" = Restore
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F902AB2B-7816-4CBD-A385-F2549F62956B}" = StarMoney
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FC338210-F594-11D3-BA24-00001C3AB4DF}" = cyberJack Base Components
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FFCB1B04-5B1C-4A17-AA60-CA6F00BA50F9}" = StarMoney
"7d4c316f1b70d0ac68316da554a221bb" = Bradenton - Anna Maria Island - Longboat Key - German Visitor Guide
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Crimson Editor SVN286" = Crimson Editor SVN286
"Freemake Video Converter_is1" = Freemake Video Converter Version 4.0.1
"FreePDF_XP" = FreePDF (Remove only)
"IcoFX_is1" = IcoFX 1.6.4
"InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}" = VAIO Movie Creator Template Data
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}" = VAIO Image Optimizer
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD
"IrfanView" = IrfanView (remove only)
"MAGIX 3D Maker D" = MAGIX 3D Maker (embeded)
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"MAGIX Video deluxe 16 Premium D" = MAGIX Video deluxe 16 Premium 9.0.0.54 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Opera 12.15.1748" = Opera 12.15
"Plugin Aufmacher pro_is1" = DATA BECKER Plugin Aufmacher pro
"Plugin Fototisch_is1" = DATA BECKER Plugin Fototisch
"Plugin Newsletter_is1" = DATA BECKER Plugin Newsletter
"Plugin Pictomat_is1" = DATA BECKER Plugin Pictomat
"Plugin Slider_is1" = DATA BECKER Plugin Slider
"Plugin Web App_is1" = DATA BECKER Plugin Web App
"PrintKey2000" = PrintKey2000
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Topfield Windows Applications" = Topfield Windows Applications
"Ulead PhotoImpact 5.0" = Ulead PhotoImpact 5
"web to date 8_is1" = DATA BECKER web to date 8
"web to date 8s_is1" = DATA BECKER web to date 8s
"WinLiveSuite" = Windows Live Essentials
"WS_FTPPro" = Ipswitch WS_FTP Pro Uninstall
"XnView_is1" = XnView 2.00
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.09.2013 05:58:46 | Computer Name = Oli | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.0.0.8150,
 Zeitstempel: 0x502b7051  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451,
 Zeitstempel: 0x50988aa6  Ausnahmecode: 0xe0434352  Fehleroffset: 0x000000000003811c
ID
 des fehlerhaften Prozesses: 0x1310  Startzeit der fehlerhaften Anwendung: 0x01ceac7a02152744
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCSystemTray.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 3fdbebf2-186d-11e3-bec9-c8f7330ce1c5
Vollständiger
 Name des fehlerhaften Pakets:  Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:
 
Error - 08.09.2013 06:03:46 | Computer Name = Oli | Source = .NET Runtime | ID = 1026
Description =
 
Error - 08.09.2013 06:03:46 | Computer Name = Oli | Source = .NET Runtime | ID = 1026
Description =
 
Error - 08.09.2013 06:03:46 | Computer Name = Oli | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.0.0.8150,
 Zeitstempel: 0x502b7051  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451,
 Zeitstempel: 0x50988aa6  Ausnahmecode: 0xe0434352  Fehleroffset: 0x000000000003811c
ID
 des fehlerhaften Prozesses: 0x1e24  Startzeit der fehlerhaften Anwendung: 0x01ceac7ab4e6b166
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCSystemTray.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: f2ac1752-186d-11e3-bec9-c8f7330ce1c5
Vollständiger
 Name des fehlerhaften Pakets:  Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:
 
Error - 08.09.2013 06:03:46 | Computer Name = Oli | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VCSystemTray.exe, Version: 8.0.0.8150,
 Zeitstempel: 0x502b7051  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451,
 Zeitstempel: 0x50988aa6  Ausnahmecode: 0xe0434352  Fehleroffset: 0x000000000003811c
ID
 des fehlerhaften Prozesses: 0x19d4  Startzeit der fehlerhaften Anwendung: 0x01ceac7ab4e6b166
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VCSystemTray.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: f2abf042-186d-11e3-bec9-c8f7330ce1c5
Vollständiger
 Name des fehlerhaften Pakets:  Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:
 
Error - 08.09.2013 10:06:05 | Computer Name = Oli | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08.09.2013 10:06:05 | Computer Name = Oli | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1250
 
Error - 08.09.2013 10:06:05 | Computer Name = Oli | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1250
 
Error - 10.09.2013 12:40:52 | Computer Name = Oli | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: fpassist.exe, Version: 3.20.0.119,
 Zeitstempel: 0x51422bab  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578,
 Zeitstempel: 0x515fac6e  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00057731  ID des fehlerhaften
 Prozesses: 0x1a28  Startzeit der fehlerhaften Anwendung: 0x01ceac71bc7011af  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\FreePDF_XP\fpassist.exe  Pfad des
fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: c0f65e5a-1a37-11e3-bec9-c8f7330ce1c5
Vollständiger
 Name des fehlerhaften Pakets:  Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:
 
Error - 11.09.2013 13:12:16 | Computer Name = Oli | Source = Customer Experience Improvement Program | ID = 1008
Description =
 
[ System Events ]
Error - 14.09.2013 02:01:59 | Computer Name = Oli | Source = DCOM | ID = 10010
Description =
 
Error - 14.09.2013 02:01:59 | Computer Name = Oli | Source = DCOM | ID = 10010
Description =
 
Error - 14.09.2013 02:03:04 | Computer Name = Oli | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%2
 
Error - 14.09.2013 02:06:16 | Computer Name = Oli | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 14.09.2013 02:06:16 | Computer Name = Oli | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 15.09.2013 01:25:59 | Computer Name = Oli | Source = DCOM | ID = 10010
Description =
 
Error - 15.09.2013 01:25:59 | Computer Name = Oli | Source = DCOM | ID = 10010
Description =
 
Error - 15.09.2013 01:27:16 | Computer Name = Oli | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%2
 
Error - 15.09.2013 01:29:52 | Computer Name = Oli | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 15.09.2013 01:29:52 | Computer Name = Oli | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
 
< End of report >

aharonov 16.09.2013 21:28
Gut. :)


Schritt 1

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 2

Starte bitte die OTL.exe.
  • Setze den Haken bei Scan all Users.
  • Drücke auf den Quick Scan Button.
  • Poste den Inhalt von OTL.txt hier in den Thread.

Wayne123 16.09.2013 21:49
Hier die Ausgabe des AdwCleaners:
Code:
# AdwCleaner v3.004 - Bericht erstellt am 16/09/2013 um 22:33:54
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Oliver Krecek - OLI
# Gestartet von : C:\Users\Oliver Krecek\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\OLIVER~1\AppData\Local\Temp\TempDir
Ordner Gelöscht : C:\Users\Oliver Krecek\AppData\LocalLow\delta
Ordner Gelöscht : C:\Users\Oliver Krecek\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Oliver Krecek\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Oliver Krecek\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\Oliver Krecek\AppData\Roaming\Mozilla\Firefox\Profiles\tcsmmjn4.default\\invalidprefs.js
Datei Gelöscht : C:\Users\Oliver Krecek\AppData\Roaming\Mozilla\Firefox\Profiles\tcsmmjn4.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Oliver Krecek\AppData\Roaming\Mozilla\Firefox\Profiles\tcsmmjn4.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\Oliver Krecek\AppData\Roaming\Mozilla\Firefox\Profiles\tcsmmjn4.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Oliver Krecek\AppData\Roaming\Mozilla\Firefox\Profiles\tcsmmjn4.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\58e8ad8b66fed41
Schlüssel Gelöscht : HKLM\SOFTWARE\58e8ad8b66fed41
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16688

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Oliver Krecek\AppData\Roaming\Mozilla\Firefox\Profiles\tcsmmjn4.default\prefs.js ]

Zeile gelöscht : user_pref("avg.install.userHPSettings", "hxxp://www.delta-search.com/?affID=121561&babsrc=HP_ss&mntrId=38D1C8F7330CE1C2");
Zeile gelöscht : user_pref("avg.install.userSPSettings", "Delta Search");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "38d12c10000000000000c8f7330ce1c2");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15829");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1614:14:56");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);

*************************

AdwCleaner[R0].txt - [7367 octets] - [16/09/2013 22:31:33]
AdwCleaner[S0].txt - [6619 octets] - [16/09/2013 22:33:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6679 octets] ##########
Und hier die OTL-Ausgabe:

Code:
OTL logfile created on: 16.09.2013 22:39:26 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Oliver Krecek\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16688)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,88 Gb Total Physical Memory | 4,13 Gb Available Physical Memory | 70,29% Memory free
11,88 Gb Paging File | 10,02 Gb Available in Paging File | 84,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 434,68 Gb Total Space | 155,36 Gb Free Space | 35,74% Space Free | Partition Type: NTFS
 
Computer Name: OLI | User Name: Oliver Krecek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.09.16 21:50:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Oliver Krecek\Desktop\otl.exe
PRC - [2013.08.18 12:30:43 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013.06.13 12:51:34 | 000,663,184 | ---- | M] (Star Finanz-Software Entwicklung und Vertriebs GmbH) -- C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe
PRC - [2013.06.10 12:08:18 | 000,162,856 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013.03.14 20:57:32 | 000,373,760 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2013.02.15 18:23:34 | 014,731,776 | ---- | M] (GARMIN Corp.) -- C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
PRC - [2012.08.18 06:36:14 | 000,188,072 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2012.08.18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2012.08.18 01:04:28 | 000,068,776 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2012.08.08 12:23:28 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.08.08 12:23:08 | 001,091,520 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.08.06 11:29:22 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2012.07.24 03:11:08 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.24 03:10:40 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.07.24 03:09:00 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.07.17 03:53:18 | 004,122,984 | ---- | M] () -- C:\Programme\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012.03.19 22:58:12 | 000,514,128 | ---- | M] (REINER SCT) -- C:\Windows\SysWOW64\cjpcsc.exe
PRC - [2010.10.28 10:10:40 | 000,189,776 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2009.05.06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [1999.09.30 21:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.09.15 18:52:18 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013.09.15 18:52:11 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3143512c68ba24d18b7444b13fae2abb\System.Windows.Forms.ni.dll
MOD - [2013.09.15 10:32:39 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013.09.15 10:31:58 | 000,197,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\1fc03f9a739f1ac6b62134debfafd32b\CustomMarshalers.ni.dll
MOD - [2013.09.05 17:43:46 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\acf905c62ab9c1b77ca69e8b745e3fdb\System.Core.ni.dll
MOD - [2013.09.05 17:42:57 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013.09.05 17:42:18 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013.08.18 12:30:42 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.01.28 14:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.01.28 14:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.08.29 08:04:12 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012.08.06 11:29:22 | 000,062,464 | ---- | M] () -- C:\Programme\Sony\VAIO Care\listener.exe
MOD - [2012.07.17 03:53:18 | 004,122,984 | ---- | M] () -- C:\Programme\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
MOD - [2012.07.17 03:53:08 | 000,905,064 | ---- | M] () -- C:\Programme\AuthenTec TrueSuite\x86\DataManager.dll
MOD - [2012.06.08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe /McCoreSvc -- (McOobeSv2)
SRV:64bit: - [2013.08.16 07:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013.06.25 00:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013.06.01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.05.01 08:15:44 | 001,646,792 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.26 17:50:29 | 000,068,856 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.08.06 11:28:56 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013.09.11 03:59:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.08.18 12:30:42 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.01 11:18:44 | 001,368,624 | ---- | M] (Sony Corporation) [On_Demand | Running] -- c:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013.06.13 12:51:34 | 000,663,184 | ---- | M] (Star Finanz-Software Entwicklung und Vertriebs GmbH) [Auto | Running] -- C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney Business 6.0 OnlineUpdate)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.26 17:22:43 | 000,069,392 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2012.08.21 03:25:13 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.08.18 06:36:14 | 000,623,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe -- (NetworkSupport)
SRV - [2012.08.18 06:36:14 | 000,068,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2012.08.08 21:48:20 | 000,056,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2012.08.08 12:23:28 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.08.08 12:23:08 | 001,091,520 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.08.08 11:56:22 | 000,972,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2012.08.08 11:56:18 | 000,460,512 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2012.08.08 11:23:30 | 000,123,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2012.08.08 11:23:30 | 000,078,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.24 03:11:21 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.24 03:11:08 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.24 03:10:40 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.07.24 03:09:00 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.07.19 19:55:44 | 000,476,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2012.07.18 13:14:38 | 002,699,568 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012.07.18 13:14:16 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012.07.18 13:14:04 | 000,627,504 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012.07.18 13:13:40 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2012.07.17 03:52:46 | 002,125,160 | ---- | M] (AuthenTec, Inc) [Auto | Running] -- C:\Programme\AuthenTec TrueSuite\TrueSuiteService.exe -- (FPLService)
SRV - [2012.07.17 01:38:26 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2012.07.16 07:59:12 | 000,401,256 | ---- | M] (AuthenTec, Inc.) [On_Demand | Running] -- C:\Programme\Common Files\AuthenTec\TrueService.exe -- (TrueService)
SRV - [2012.06.30 02:40:27 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.05.02 14:49:44 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012.04.20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012.03.19 22:58:12 | 000,514,128 | ---- | M] (REINER SCT) [Auto | Running] -- C:\Windows\SysWOW64\cjpcsc.exe -- (cjpcsc)
SRV - [2011.12.01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.04.05 20:07:38 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.10.28 10:10:40 | 000,189,776 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2009.05.06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.08.16 07:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013.07.09 10:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013.07.02 02:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.07.02 00:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.06.29 08:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.06.26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftvolwin7.sys -- (Sftvol)
DRV:64bit: - [2013.06.26 19:21:48 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftredirwin7.sys -- (Sftredir)
DRV:64bit: - [2013.06.26 19:21:46 | 000,768,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftfswin7.sys -- (Sftfs)
DRV:64bit: - [2013.06.26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftplaywin7.sys -- (Sftplay)
DRV:64bit: - [2013.06.10 23:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013.06.01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.06.01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.06.01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.05.04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.05.04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.05.01 08:15:49 | 000,718,840 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013.05.01 08:15:46 | 000,593,144 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013.03.15 07:53:06 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.01.29 19:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\point64.sys -- (Point64)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.26 19:05:24 | 000,075,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.12 18:11:19 | 000,082,384 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.11.02 14:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012.10.31 13:13:18 | 000,350,160 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\trufos.sys -- (trufos)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 05:51:49 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2012.10.09 19:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.10.09 19:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.10.09 19:48:48 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.10.09 19:48:48 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.10.05 02:49:28 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.10.04 14:30:19 | 000,147,232 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.21 05:12:13 | 000,447,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.08.21 05:09:55 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012.08.21 03:33:15 | 008,987,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.08.21 03:24:44 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.08.07 16:51:58 | 004,273,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.08.01 08:26:18 | 001,109,296 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.24 03:09:45 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.07.17 01:39:22 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.07.17 01:39:22 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.07.14 18:36:30 | 000,825,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.07.11 14:33:28 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2012.07.11 07:48:42 | 000,023,456 | ---- | M] (Bitdefender) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bdelam.sys -- (bdelam)
DRV:64bit: - [2012.07.04 13:31:40 | 000,055,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2012.07.03 07:37:04 | 000,683,664 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.06.30 02:40:47 | 000,339,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012.06.25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.11 04:43:12 | 000,024,280 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\sows.sys -- (SOWS)
DRV:64bit: - [2012.06.02 16:31:39 | 000,283,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2012.06.02 16:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
DRV:64bit: - [2012.04.24 12:01:12 | 000,110,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.03.29 11:50:26 | 000,034,672 | ---- | M] (REINER SCT) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\cjusb.sys -- (cjusb)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2007.09.06 15:53:00 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\DSI_SiUSBXp_3_1.sys -- (DSI_SiUSBXp_3_1)
DRV - [2013.05.01 08:15:31 | 000,098,768 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV - [2012.10.17 15:13:46 | 000,106,568 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu [binary data]
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\..\SearchScopes\{D4DCE3ED-CDF2-4B05-84C2-D3B351B0071B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\..\SearchScopes\{E3348291-A1E1-45D6-86F2-492F9A9E26A4}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
IE - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.38
FF - prefs.js..extensions.enabledAddons: %7B0b457cAA-602d-484a-8fe7-c1d894a011ba%7D:0.98.41
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@authentec.com/ffwloplugin: C:\Program Files\AuthenTec TrueSuite\x86\npffwloplugin.dll (AuthenTec, Inc)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Oliver Krecek\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll File not found
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.03.30 15:52:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.18 12:30:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.03.30 15:52:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.08.18 12:30:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.04.27 13:12:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Extensions
[2013.04.27 13:12:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.09.08 10:35:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Firefox\Profiles\tcsmmjn4.default\extensions
[2013.09.08 10:35:03 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Firefox\Profiles\tcsmmjn4.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2013.08.25 09:58:57 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Firefox\Profiles\tcsmmjn4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013.08.30 22:43:52 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Oliver Krecek\AppData\Roaming\mozilla\Firefox\Profiles\tcsmmjn4.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2013.08.18 12:30:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.08.18 12:30:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\AuthenTec TrueSuite\IEBHO.dll (AuthenTec Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Intel AT Service signup] c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [SMB60StarMoneyRunEntry] C:\Program Files (x86)\StarMoney Business 6.0\app\oflagent.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Premium\Trayserver.exe (MAGIX AG)
O4 - HKU\S-1-5-21-3158331690-901833896-3757665153-1002..\Run: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe (GARMIN Corp.)
O4 - HKU\S-1-5-21-3158331690-901833896-3757665153-1002..\Run: [HP ENVY 110 series (NET)] C:\Program Files\HP\HP ENVY 110 series\Bin\scantopcactivationapp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-3158331690-901833896-3757665153-1002..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3158331690-901833896-3757665153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E72C20D-58BC-49A4-978D-3973252719F1}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6759444A-8505-41B3-9306-C9A9F6AD668B}: DhcpNameServer = 10.100.26.2
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.16 22:31:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.16 21:50:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Oliver Krecek\Desktop\OTL.exe
[2013.09.16 21:19:45 | 001,951,262 | ---- | C] (Farbar) -- C:\Users\Oliver Krecek\Desktop\FRST64.exe
[2013.09.16 20:31:35 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\Desktop\Downloads
[2013.09.16 19:57:09 | 000,000,000 | ---D | C] -- C:\FRST
[2013.09.14 11:03:06 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\AppData\Roaming\7d4c316f1b70d0ac68316da554a221bb
[2013.09.14 11:02:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\aqua
[2013.09.14 11:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.09.07 15:35:53 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\AppData\Local\Cyberlink
[2013.09.07 15:35:47 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\Documents\CyberLink
[2013.08.25 08:13:22 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\AppData\Local\Garmin
[2013.08.25 08:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Garmin
[2013.08.25 08:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
[2013.08.25 08:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013.08.25 08:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2013.08.25 08:12:18 | 000,000,000 | ---D | C] -- C:\Users\Oliver Krecek\AppData\Roaming\Garmin
[2013.08.18 12:30:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[28 C:\Users\Oliver Krecek\Documents\*.tmp files -> C:\Users\Oliver Krecek\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.16 22:36:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.16 22:34:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.09.16 22:34:43 | 757,714,943 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.16 21:59:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.16 21:50:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Oliver Krecek\Desktop\OTL.exe
[2013.09.16 21:22:53 | 000,001,922 | ---- | M] () -- C:\Users\Oliver Krecek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP ENVY 110 series (Netzwerk).lnk
[2013.09.16 21:19:45 | 001,951,262 | ---- | M] (Farbar) -- C:\Users\Oliver Krecek\Desktop\FRST64.exe
[2013.09.16 20:36:02 | 001,746,928 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.16 20:36:02 | 000,753,578 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.09.16 20:36:02 | 000,710,688 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.16 20:36:02 | 000,156,012 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.09.16 20:36:02 | 000,132,800 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.16 20:28:39 | 001,039,554 | ---- | M] () -- C:\Users\Oliver Krecek\Desktop\adwcleaner.exe
[2013.09.15 09:42:53 | 000,005,159 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2013.09.14 11:03:00 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Reiserführer AMI.lnk
[2013.09.14 07:59:02 | 000,410,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.14 07:58:59 | 885,049,272 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.09.13 18:39:18 | 001,774,862 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.09.07 15:46:23 | 009,852,542 | ---- | M] () -- C:\Users\Oliver Krecek\Desktop\accessoryoverview_en-GB.pdf
[2013.09.01 18:35:35 | 000,000,030 | ---- | M] () -- C:\Windows\iedit.INI
[28 C:\Users\Oliver Krecek\Documents\*.tmp files -> C:\Users\Oliver Krecek\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.09.16 20:28:38 | 001,039,554 | ---- | C] () -- C:\Users\Oliver Krecek\Desktop\adwcleaner.exe
[2013.09.14 11:03:00 | 000,001,128 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aqua_bacvb2013-de.lnk
[2013.09.14 11:03:00 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Reiserführer AMI.lnk
[2013.09.14 07:59:02 | 000,410,288 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.12 18:52:47 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.09.12 18:50:46 | 000,000,982 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2013.09.12 03:04:25 | 000,387,583 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.09.07 15:46:21 | 009,852,542 | ---- | C] () -- C:\Users\Oliver Krecek\Desktop\accessoryoverview_en-GB.pdf
[2013.06.08 17:59:30 | 000,000,936 | ---- | C] () -- C:\Users\Oliver Krecek\AppData\Local\recently-used.xbel
[2013.05.04 18:52:05 | 000,007,103 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013.05.04 18:02:20 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2013.04.28 16:36:36 | 000,147,492 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013.04.08 17:03:00 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.04.06 09:26:42 | 000,000,590 | ---- | C] () -- C:\Windows\wiso.ini
[2013.04.02 19:15:57 | 000,740,362 | ---- | C] () -- C:\Windows\unins000.exe
[2013.04.02 19:15:57 | 000,311,351 | ---- | C] () -- C:\Windows\unins000.dat
[2013.03.31 10:43:36 | 000,000,030 | ---- | C] () -- C:\Windows\iedit.INI
[2013.03.30 19:05:20 | 000,000,591 | ---- | C] () -- C:\Windows\cedt.INI
[2013.03.30 16:56:09 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2013.03.30 16:56:09 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2013.03.30 15:53:44 | 000,543,497 | ---- | C] () -- C:\ProgramData\1364651054.bdinstall.bin
[2013.03.30 10:46:47 | 000,005,159 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2013.03.30 01:57:58 | 000,000,396 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2013.03.30 01:57:54 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\SerialXP.dll
[2013.03.30 01:57:54 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\win32com.dll
[2013.03.30 01:13:53 | 001,774,862 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.01 10:11:28 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.11.01 08:36:19 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.08.21 21:01:33 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.08.21 21:01:30 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.08.21 21:01:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013.05.04 14:14:13 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.09.14 11:03:06 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\7d4c316f1b70d0ac68316da554a221bb
[2013.05.31 13:34:21 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\Antares
[2013.05.04 14:22:03 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\Anvsoft
[2013.03.30 15:48:59 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\Bitdefender
[2013.04.06 09:32:26 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\Buhl Data Service
[2013.05.04 14:25:27 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\DVDVideoSoft
[2013.05.26 08:52:28 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\FireShot
[2013.08.25 08:13:26 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\Garmin
[2013.05.11 10:39:03 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\IcoFX
[2013.03.30 01:20:59 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\IrfanView
[2013.05.04 18:30:56 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\MAGIX
[2013.03.30 00:36:32 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\Opera
[2013.03.30 15:27:15 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\PDF Architect
[2013.03.30 18:32:47 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\ProtectDisc
[2013.03.30 15:46:51 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\QuickScan
[2013.09.16 18:19:00 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\SoftGrid Client
[2013.04.27 13:12:38 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\TomTom
[2013.03.30 01:14:36 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\TP
[2013.08.04 18:08:07 | 000,000,000 | ---D | M] -- C:\Users\Oliver Krecek\AppData\Roaming\XnView
 
========== Purity Check ==========
 
 

< End of report >

aharonov 16.09.2013 22:20
Schritt 1

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




Schritt 2


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Wayne123 17.09.2013 18:16
Hier die erste Ausgabe:

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.16.08

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
Oliver Krecek :: OLI [Administrator]

Schutz: Aktiviert

16.09.2013 23:26:12
mbam-log-2013-09-16 (23-26-12).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 260856
Laufzeit: 7 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Oliver Krecek\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.16.16 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 9
C:\Users\Oliver Krecek\AppData\Local\Temp\eMlMjqDW.exe.part (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\AppData\Local\Temp\FreemakeVideoConverter_4.0.1.1.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-21-3158331690-901833896-3757665153-1002\$RD5YDVK.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\AppData\Local\Temp\1E17C8E2-BAB0-7891-90FE-053D47236DF5\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\AppData\Local\Temp\1E17C8E2-BAB0-7891-90FE-053D47236DF5\Latest\CrxInstaller.dum (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\AppData\Local\Temp\1E17C8E2-BAB0-7891-90FE-053D47236DF5\Latest\MyBabylonTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\AppData\Local\Temp\1E17C8E2-BAB0-7891-90FE-053D47236DF5\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\Downloads\FreemakeVideoConverterSetup_4.0.1.1.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Oliver Krecek\Downloads\SoftonicDownloader_fuer_wondershare-vivideo.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Nach mehreren Anläufen hat es endlich geklappt und ESET ist durchgelaufen...

Hier die Ausgabe:
Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=527d186f2aa0f74ea200fd7c159e3955
# engine=15165
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-17 05:13:47
# local_time=2013-09-17 07:13:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 2937233 38944138 0 0
# scanned=356225
# found=3
# cleaned=0
# scan_time=8497
sh=918D247ECE654DF2E2076D51DCC6EBDB2D5E793E ft=1 fh=68b11993ee235d6d vn="a variant of Win32/Kryptik.BKPR trojan" ac=I fn="C:\FRST\Quarantine\6jt1z8lwz8.plz"
sh=918D247ECE654DF2E2076D51DCC6EBDB2D5E793E ft=1 fh=68b11993ee235d6d vn="a variant of Win32/Kryptik.BKPR trojan" ac=I fn="C:\FRST\Quarantine\npynxaxmkjjvxchwicx.bfg"
sh=918D247ECE654DF2E2076D51DCC6EBDB2D5E793E ft=1 fh=68b11993ee235d6d vn="a variant of Win32/Kryptik.BKPR trojan" ac=I fn="C:\Users\Oliver Krecek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\399a5891-3022acbc"


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:31 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131