| |
| |||||||
Log-Analyse und Auswertung: GVU-Trojaner - nach Kapesky Rescue WindowsUnlocker & AntiMalware Benutzung - entfernt?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.09.2012, 01:41
| #1 |
| |  GVU-Trojaner - nach Kapesky Rescue WindowsUnlocker & AntiMalware Benutzung - entfernt? Hallo auch von mir ans Team  ,habe/hatte seit Donnerstag (30.08.2012) den GVU-Trojaner. Ich habe dann den WindowsUnlocker benutzt und mit AntiMalware versucht, alles los zu werden... Danach bin ich auf das Forum aufmerksam geworden :-) Habe nun alle Schritte soweit befolgt und anbei somit der OTL-scan. Hoffe ihr könnt mir sagen, ob der Rechner nun einigermaßen sauber ist. Vielen Dank!!! OTL-Logfile: Code:
ATTFilter OTL logfile created on: 02.09.2012 02:18:45 - Run 3 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\xxxxxxx\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 59,15% Memory free 5,99 Gb Paging File | 4,67 Gb Available in Paging File | 77,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 78,12 Gb Total Space | 12,62 Gb Free Space | 16,16% Space Free | Partition Type: NTFS Drive D: | 149,05 Gb Total Space | 6,02 Gb Free Space | 4,04% Space Free | Partition Type: NTFS Drive E: | 70,92 Gb Total Space | 25,35 Gb Free Space | 35,74% Space Free | Partition Type: NTFS Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 963,98 Mb Total Space | 532,64 Mb Free Space | 55,25% Space Free | Partition Type: FAT32 Computer Name: xxxxxxx-PC | User Name: xxxxxxx | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (All) ========== PRC - C:\Users\xxxxxxx\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Users\xxxxxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software) PRC - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Computer, Inc.) ========== Modules (All) ========== MOD - C:\Users\xxxxxxx\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MOD - C:\Users\xxxxxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) MOD - C:\Users\xxxxxxx\AppData\Roaming\Dropbox\bin\MSVCP71.dll (Microsoft Corporation) MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\gpipc.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccgen.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccwgrd.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccmsg.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccupdrc.dll (Avira Operations GmbH & Co. KG) MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll (Avira Operations GmbH & Co. KG) MOD - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MOD - C:\Windows\SysWOW64\netapi32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\browcli.dll (Microsoft Corporation) MOD - C:\Users\xxxxxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll (Dropbox, Inc.) MOD - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\jscript9.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wininet.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\jscript.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\iertutil.dll (Microsoft Corporation) MOD - C:\Users\xxxxxxx\AppData\Roaming\Dropbox\bin\MSVCR71.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msxml6.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msxml3.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\secur32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\nvd3dum.dll (NVIDIA Corporation) MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccupdate.dll (Avira Operations GmbH & Co. KG) MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccguard.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccgrdw.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\cclic.dll (Avira Operations GmbH & Co. KG) MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\cfglib.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccgenrc.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccgrdrc.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccmainrc.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\cclicrc.dll (Avira Operations GmbH & Co. KG) MOD - c:\program files (x86)\avira\antivir desktop\ccmsgrc.dll (Avira Operations GmbH & Co. KG) MOD - C:\Windows\SysWOW64\srclient.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\crypt32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msls31.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\DWrite.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wintrust.dll (Microsoft Corporation) MOD - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MOD - C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msvcrt.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\ntdll.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\oleaut32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\oleacc.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\kernel32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\xmllite.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\devobj.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\devrtl.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\ssleay32.dll (The OpenSSL Project, hxxp://www.openssl.org/) MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\libeay32.dll (The OpenSSL Project, hxxp://www.openssl.org/) MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommoncrypt.dll (Cisco Systems, Inc.) MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommon.dll (Cisco Systems, Inc.) MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.) MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnapi.dll (Cisco Systems, Inc.) MOD - C:\Windows\SysWOW64\dnsapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\mfc100u.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msvcp100.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\mfc100deu.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\d2d1.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msvcr100.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\d3d10_1.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wtsapi32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\ws2_32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\WindowsCodecs.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\Wldap32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\winmm.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\winsta.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wkscli.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wer.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\vssapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\usp10.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\userenv.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\sxs.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\srvcli.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\spp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\shlwapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\shdocvw.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\setupapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\samcli.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\riched20.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\RpcRtRemote.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\rtutils.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\propsys.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\ole32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\olepro32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\netutils.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msasn1.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\MMDevAPI.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\mapi32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\logoncli.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\IPHLPAPI.DLL (Microsoft Corporation) MOD - C:\Windows\SysWOW64\gameux.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\FWPUCLNT.DLL (Microsoft Corporation) MOD - C:\Windows\SysWOW64\ExplorerFrame.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\dxgi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\dbghelp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\d3d9.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\d3d10warp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\cryptui.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\d3d10_1core.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\cscapi.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\AudioSes.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\asycfilt.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\apphelp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\advapi32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\activeds.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\winspool.drv (Microsoft Corporation) MOD - C:\Windows\SysWOW64\user32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\rpcrt4.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\gdi32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\imm32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\rsaenh.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wsock32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wship6.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\WSHTCPIP.DLL (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wlanapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\winnsi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wlanutil.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\vsstrace.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\version.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\slc.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\sfc_os.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\shfolder.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\sechost.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\samlib.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\SensApi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\rasapi32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\powrprof.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\oledlg.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\rasman.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\profapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\rasadhlp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\psapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\ntmarta.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\ntdsapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\nsi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msvcp60.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msimtf.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msimg32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msctf.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msacm32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\mpr.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\mlang.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\linkinfo.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\FirewallAPI.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\dui70.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\duser.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\dhcpcsvc.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\dhcpcsvc6.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\d3d8thk.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\cryptsp.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\clbcatq.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\avrt.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\atl.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\adsldpc.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\SysWOW64\uxtheme.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\lpk.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\sfc.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\security.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\icmp.dll (Microsoft Corporation) MOD - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.) MOD - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) MOD - C:\PROGRA~2\MICROS~1\Office12\GrooveUtil.DLL (Microsoft Corporation) MOD - C:\PROGRA~2\MICROS~1\Office12\GrooveNew.DLL (Microsoft Corporation) MOD - C:\Program Files (x86)\Microsoft Office\Office12\1031\ONINTL.DLL (Microsoft Corporation) MOD - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) MOD - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.deu (Adobe Systems Inc.) MOD - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroTray.FRA (Adobe Systems Inc.) MOD - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll (Macrovision Europe Ltd.) MOD - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll (Adobe Systems Incorporated) MOD - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll (Adobe Systems Incorporated) MOD - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll (Adobe Systems Incorporated) MOD - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\asneu.dll (Adobe Systems Inc.) MOD - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) ========== Services (All) ========== SRV:64bit: - (Browser) -- C:\Windows\SysNative\browser.dll (Microsoft Corporation) SRV:64bit: - (wuauserv) -- C:\Windows\SysNative\wuaueng.dll (Microsoft Corporation) SRV:64bit: - (nvsvc) -- C:\Windows\SysNative\nvvsvc.exe (NVIDIA Corporation) SRV:64bit: - (ProfSvc) -- C:\Windows\SysNative\profsvc.dll (Microsoft Corporation) SRV:64bit: - (CryptSvc) -- C:\Windows\SysNative\cryptsvc.dll (Microsoft Corporation) SRV:64bit: - (Spooler) -- C:\Windows\SysNative\spoolsv.exe (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation) SRV:64bit: - (SamSs) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation) SRV:64bit: - (ProtectedStorage) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation) SRV:64bit: - (PlugPlay) -- C:\Windows\SysNative\umpnpmgr.dll (Microsoft Corporation) SRV:64bit: - (WSearch) -- C:\Windows\SysNative\SearchIndexer.exe (Microsoft Corporation) SRV:64bit: - (Dnscache) -- C:\Windows\SysNative\dnsrslvr.dll (Microsoft Corporation) SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (wudfsvc) -- C:\Windows\SysNative\WUDFSvc.dll (Microsoft Corporation) SRV:64bit: - (WinRM) -- C:\Windows\SysNative\WsmSvc.dll (Microsoft Corporation) SRV:64bit: - (eventlog) -- C:\Windows\SysNative\wevtsvc.dll (Microsoft Corporation) SRV:64bit: - (stisvc) -- C:\Windows\SysNative\wiaservc.dll (Microsoft Corporation) SRV:64bit: - (WinHttpAutoProxySvc) -- C:\Windows\SysNative\winhttp.dll (Microsoft Corporation) SRV:64bit: - (WebClient) -- C:\Windows\SysNative\WebClnt.dll (Microsoft Corporation) SRV:64bit: - (LanmanWorkstation) -- C:\Windows\SysNative\wkssvc.dll (Microsoft Corporation) SRV:64bit: - (WPDBusEnum) -- C:\Windows\SysNative\wpdbusenum.dll (Microsoft Corporation) SRV:64bit: - (wcncsvc) -- C:\Windows\SysNative\wcncsvc.dll (Microsoft Corporation) SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation) SRV:64bit: - (SysMain) -- C:\Windows\SysNative\sysmain.dll (Microsoft Corporation) SRV:64bit: - (TermService) -- C:\Windows\SysNative\termsrv.dll (Microsoft Corporation) SRV:64bit: - (TapiSrv) -- C:\Windows\SysNative\tapisrv.dll (Microsoft Corporation) SRV:64bit: - (LanmanServer) -- C:\Windows\SysNative\srvsvc.dll (Microsoft Corporation) SRV:64bit: - (TabletInputService) -- C:\Windows\SysNative\TabSvc.dll (Microsoft Corporation) SRV:64bit: - (Schedule) -- C:\Windows\SysNative\schedsvc.dll (Microsoft Corporation) SRV:64bit: - (ShellHWDetection) -- C:\Windows\SysNative\shsvcs.dll (Microsoft Corporation) SRV:64bit: - (SDRSVC) -- C:\Windows\SysNative\sdrsvc.dll (Microsoft Corporation) SRV:64bit: - (SessionEnv) -- C:\Windows\SysNative\SessEnv.dll (Microsoft Corporation) SRV:64bit: - (seclogon) -- C:\Windows\SysNative\seclogon.dll (Microsoft Corporation) SRV:64bit: - (RpcSs) -- C:\Windows\SysNative\rpcss.dll (Microsoft Corporation) SRV:64bit: - (DcomLaunch) -- C:\Windows\SysNative\rpcss.dll (Microsoft Corporation) SRV:64bit: - (RasMan) -- C:\Windows\SysNative\rasmans.dll (Microsoft Corporation) SRV:64bit: - (pla) -- C:\Windows\SysNative\pla.dll (Microsoft Corporation) SRV:64bit: - (BITS) -- C:\Windows\SysNative\qmgr.dll (Microsoft Corporation) SRV:64bit: - (napagent) -- C:\Windows\SysNative\QAGENTRT.DLL (Microsoft Corporation) SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation) SRV:64bit: - (NlaSvc) -- C:\Windows\SysNative\nlasvc.dll (Microsoft Corporation) SRV:64bit: - (MpsSvc) -- C:\Windows\SysNative\MPSSVC.dll (Microsoft Corporation) SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation) SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation) SRV:64bit: - (hkmsvc) -- C:\Windows\SysNative\KMSVC.DLL (Microsoft Corporation) SRV:64bit: - (iphlpsvc) -- C:\Windows\SysNative\iphlpsvc.dll (Microsoft Corporation) SRV:64bit: - (PolicyAgent) -- C:\Windows\SysNative\IPSECSVC.DLL (Microsoft Corporation) SRV:64bit: - (IKEEXT) -- C:\Windows\SysNative\IKEEXT.DLL (Microsoft Corporation) SRV:64bit: - (gpsvc) -- C:\Windows\SysNative\gpsvc.dll (Microsoft Corporation) SRV:64bit: - (dot3svc) -- C:\Windows\SysNative\dot3svc.dll (Microsoft Corporation) SRV:64bit: - (DPS) -- C:\Windows\SysNative\dps.dll (Microsoft Corporation) SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation) SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation) SRV:64bit: - (SCPolicySvc) -- C:\Windows\SysNative\certprop.dll (Microsoft Corporation) SRV:64bit: - (CertPropSvc) -- C:\Windows\SysNative\certprop.dll (Microsoft Corporation) SRV:64bit: - (BFE) -- C:\Windows\SysNative\BFE.DLL (Microsoft Corporation) SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation) SRV:64bit: - (AudioSrv) -- C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation) SRV:64bit: - (Appinfo) -- C:\Windows\SysNative\appinfo.dll (Microsoft Corporation) SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation) SRV:64bit: - (VSS) -- C:\Windows\SysNative\VSSVC.exe (Microsoft Corporation) SRV:64bit: - (vds) -- C:\Windows\SysNative\vds.exe (Microsoft Corporation) SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation) SRV:64bit: - (msiserver) -- C:\Windows\SysNative\msiexec.exe (Microsoft Corporation) SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation) SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation) SRV:64bit: - (wscsvc) -- C:\Windows\SysNative\wscsvc.dll (Microsoft Corporation) SRV:64bit: - (WPCSvc) -- C:\Windows\SysNative\wpcsvc.dll (Microsoft Corporation) SRV:64bit: - (Wlansvc) -- C:\Windows\SysNative\wlansvc.dll (Microsoft Corporation) SRV:64bit: - (W32Time) -- C:\Windows\SysNative\w32time.dll (Microsoft Corporation) SRV:64bit: - (upnphost) -- C:\Windows\SysNative\upnphost.dll (Microsoft Corporation) SRV:64bit: - (Winmgmt) -- C:\Windows\SysNative\wbem\WMIsvc.dll (Microsoft Corporation) SRV:64bit: - (Wecsvc) -- C:\Windows\SysNative\wecsvc.dll (Microsoft Corporation) SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation) SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation) SRV:64bit: - (WdiSystemHost) -- C:\Windows\SysNative\wdi.dll (Microsoft Corporation) SRV:64bit: - (WdiServiceHost) -- C:\Windows\SysNative\wdi.dll (Microsoft Corporation) SRV:64bit: - (wercplsupport) -- C:\Windows\SysNative\wercplsupport.dll (Microsoft Corporation) SRV:64bit: - (WerSvc) -- C:\Windows\SysNative\wersvc.dll (Microsoft Corporation) SRV:64bit: - (WcsPlugInService) -- C:\Windows\SysNative\WcsPlugInService.dll (Microsoft Corporation) SRV:64bit: - (UxSms) -- C:\Windows\SysNative\uxsms.dll (Microsoft Corporation) SRV:64bit: - (TrkWks) -- C:\Windows\SysNative\trkwks.dll (Microsoft Corporation) SRV:64bit: - (TBS) -- C:\Windows\SysNative\tbssvc.dll (Microsoft Corporation) SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation) SRV:64bit: - (swprv) -- C:\Windows\SysNative\swprv.dll (Microsoft Corporation) SRV:64bit: - (SSDPSRV) -- C:\Windows\SysNative\ssdpsrv.dll (Microsoft Corporation) SRV:64bit: - (SstpSvc) -- C:\Windows\SysNative\sstpsvc.dll (Microsoft Corporation) SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation) SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation) SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation) SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation) SRV:64bit: - (p2psvc) -- C:\Windows\SysNative\p2psvc.dll (Microsoft Corporation) SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation) SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation) SRV:64bit: - (QWAVE) -- C:\Windows\SysNative\qwave.dll (Microsoft Corporation) SRV:64bit: - (SCardSvr) -- C:\Windows\SysNative\SCardSvr.dll (Microsoft Corporation) SRV:64bit: - (PcaSvc) -- C:\Windows\SysNative\pcasvc.dll (Microsoft Corporation) SRV:64bit: - (RemoteRegistry) -- C:\Windows\SysNative\regsvc.dll (Microsoft Corporation) SRV:64bit: - (RasAuto) -- C:\Windows\SysNative\rasauto.dll (Microsoft Corporation) SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation) SRV:64bit: - (SENS) -- C:\Windows\SysNative\Sens.dll (Microsoft Corporation) SRV:64bit: - (nsi) -- C:\Windows\SysNative\nsisvc.dll (Microsoft Corporation) SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofm.dll (Microsoft Corporation) SRV:64bit: - (Netman) -- C:\Windows\SysNative\netman.dll (Microsoft Corporation) SRV:64bit: - (KtmRm) -- C:\Windows\SysNative\msdtckrm.dll (Microsoft Corporation) SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation) SRV:64bit: - (THREADORDER) -- C:\Windows\SysNative\mmcss.dll (Microsoft Corporation) SRV:64bit: - (MMCSS) -- C:\Windows\SysNative\mmcss.dll (Microsoft Corporation) SRV:64bit: - (lltdsvc) -- C:\Windows\SysNative\lltdsvc.dll (Microsoft Corporation) SRV:64bit: - (lmhosts) -- C:\Windows\SysNative\lmhsvc.dll (Microsoft Corporation) SRV:64bit: - (MSiSCSI) -- C:\Windows\SysNative\iscsiexe.dll (Microsoft Corporation) SRV:64bit: - (SharedAccess) -- C:\Windows\SysNative\ipnathlp.dll (Microsoft Corporation) SRV:64bit: - (IPBusEnum) -- C:\Windows\SysNative\IPBusEnum.dll (Microsoft Corporation) SRV:64bit: - (hidserv) -- C:\Windows\SysNative\hidserv.dll (Microsoft Corporation) SRV:64bit: - (FDResPub) -- C:\Windows\SysNative\FDResPub.dll (Microsoft Corporation) SRV:64bit: - (fdPHost) -- C:\Windows\SysNative\fdPHost.dll (Microsoft Corporation) SRV:64bit: - (EventSystem) -- C:\Windows\SysNative\es.dll (Microsoft Corporation) SRV:64bit: - (EapHost) -- C:\Windows\SysNative\eapsvc.dll (Microsoft Corporation) SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation) SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation) SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (AeLookupSvc) -- C:\Windows\SysNative\aelupsvc.dll (Microsoft Corporation) SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation) SRV:64bit: - (wmiApSrv) -- C:\Windows\SysNative\wbem\WmiApSrv.exe (Microsoft Corporation) SRV:64bit: - (UI0Detect) -- C:\Windows\SysNative\UI0Detect.exe (Microsoft Corporation) SRV:64bit: - (SNMPTRAP) -- C:\Windows\SysNative\snmptrap.exe (Microsoft Corporation) SRV:64bit: - (MSDTC) -- C:\Windows\SysNative\msdtc.exe (Microsoft Corporation) SRV:64bit: - (RpcLocator) -- C:\Windows\SysNative\Locator.exe (Microsoft Corporation) SRV:64bit: - (COMSysApp) -- C:\Windows\SysNative\dllhost.exe (Microsoft Corporation) SRV:64bit: - (ALG) -- C:\Windows\SysNative\alg.exe (Microsoft Corporation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (gupdatem) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (gupdate) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (CryptSvc) -- C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation) SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (mitsijm2013) -- C:\Programme\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe ( ) SRV - (WSearch) -- C:\Windows\SysWow64\SearchIndexer.exe (Microsoft Corporation) SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.) SRV - (mitsijm2012) -- C:\Programme\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe (Autodesk, Inc.) SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation) SRV - (ehRecvr) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation) SRV - (WinRM) -- C:\Windows\SysWOW64\WsmSvc.dll (Microsoft Corporation) SRV - (WinHttpAutoProxySvc) -- C:\Windows\SysWow64\winhttp.dll (Microsoft Corporation) SRV - (wcncsvc) -- C:\Windows\SysWOW64\wcncsvc.dll (Microsoft Corporation) SRV - (WebClient) -- C:\Windows\SysWOW64\WebClnt.dll (Microsoft Corporation) SRV - (TapiSrv) -- C:\Windows\SysWOW64\tapisrv.dll (Microsoft Corporation) SRV - (ShellHWDetection) -- C:\Windows\SysWOW64\shsvcs.dll (Microsoft Corporation) SRV - (SessionEnv) -- C:\Windows\SysWOW64\SessEnv.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation) SRV - (pla) -- C:\Windows\SysWOW64\pla.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation) SRV - (msiserver) -- C:\Windows\SysWow64\msiexec.exe (Microsoft Corporation) SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (ehSched) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (WPCSvc) -- C:\Windows\SysWOW64\wpcsvc.dll (Microsoft Corporation) SRV - (WdiSystemHost) -- C:\Windows\SysWOW64\wdi.dll (Microsoft Corporation) SRV - (WdiServiceHost) -- C:\Windows\SysWOW64\wdi.dll (Microsoft Corporation) SRV - (WcsPlugInService) -- C:\Windows\SysWOW64\WcsPlugInService.dll (Microsoft Corporation) SRV - (upnphost) -- C:\Windows\SysWOW64\upnphost.dll (Microsoft Corporation) SRV - (SENS) -- C:\Windows\SysWOW64\Sens.dll (Microsoft Corporation) SRV - (QWAVE) -- C:\Windows\SysWOW64\qwave.dll (Microsoft Corporation) SRV - (netprofm) -- C:\Windows\SysWOW64\netprofm.dll (Microsoft Corporation) SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation) SRV - (hidserv) -- C:\Windows\SysWOW64\hidserv.dll (Microsoft Corporation) SRV - (EventSystem) -- C:\Windows\SysWOW64\es.dll (Microsoft Corporation) SRV - (AppMgmt) -- C:\Windows\SysWOW64\appmgmts.dll (Microsoft Corporation) SRV - (PerfHost) -- C:\Windows\SysWOW64\perfhost.exe (Microsoft Corporation) SRV - (COMSysApp) -- C:\Windows\SysWow64\dllhost.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (odserv) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (Bonjour Service) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Computer, Inc.) ========== Driver Services (All) ========== DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation) DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation) DRV:64bit: - (KSecDD) -- C:\Windows\SysNative\drivers\ksecdd.sys (Microsoft Corporation) DRV:64bit: - (VBoxDrv) -- C:\Windows\SysNative\drivers\VBoxDrv.sys (Oracle Corporation) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation) DRV:64bit: - (VBoxUSBMon) -- C:\Windows\SysNative\drivers\VBoxUSBMon.sys (Oracle Corporation) DRV:64bit: - (VBoxNetFlt) -- C:\Windows\SysNative\drivers\VBoxNetFlt.sys (Oracle Corporation) DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (RDPWD) -- C:\Windows\SysNative\drivers\rdpwd.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (TCPIP6) -- C:\Windows\SysNative\drivers\tcpip.sys (Microsoft Corporation) DRV:64bit: - (Tcpip) -- C:\Windows\SysNative\drivers\tcpip.sys (Microsoft Corporation) DRV:64bit: - (partmgr) -- C:\Windows\SysNative\drivers\partmgr.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (TDTCP) -- C:\Windows\SysNative\drivers\tdtcp.sys (Microsoft Corporation) DRV:64bit: - (AFD) -- C:\Windows\SysNative\drivers\afd.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (mrxsmb10) -- C:\Windows\SysNative\drivers\mrxsmb10.sys (Microsoft Corporation) DRV:64bit: - (srv) -- C:\Windows\SysNative\drivers\srv.sys (Microsoft Corporation) DRV:64bit: - (srv2) -- C:\Windows\SysNative\drivers\srv2.sys (Microsoft Corporation) DRV:64bit: - (srvnet) -- C:\Windows\SysNative\drivers\srvnet.sys (Microsoft Corporation) DRV:64bit: - (mrxsmb) -- C:\Windows\SysNative\drivers\mrxsmb.sys (Microsoft Corporation) DRV:64bit: - (mrxsmb20) -- C:\Windows\SysNative\drivers\mrxsmb20.sys (Microsoft Corporation) DRV:64bit: - (usbhub) -- C:\Windows\SysNative\drivers\usbhub.sys (Microsoft Corporation) DRV:64bit: - (usbccgp) -- C:\Windows\SysNative\drivers\usbccgp.sys (Microsoft Corporation) DRV:64bit: - (usbehci) -- C:\Windows\SysNative\drivers\usbehci.sys (Microsoft Corporation) DRV:64bit: - (usbohci) -- C:\Windows\SysNative\drivers\usbohci.sys (Microsoft Corporation) DRV:64bit: - (usbuhci) -- C:\Windows\SysNative\drivers\usbuhci.sys (Microsoft Corporation) DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.) DRV:64bit: - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\drivers\ntfs.sys (Microsoft Corporation) DRV:64bit: - (nvstor) -- C:\Windows\SysNative\drivers\nvstor.sys (NVIDIA Corporation) DRV:64bit: - (nvraid) -- C:\Windows\SysNative\drivers\nvraid.sys (NVIDIA Corporation) DRV:64bit: - (iaStorV) -- C:\Windows\SysNative\drivers\iaStorV.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (USBSTOR) -- C:\Windows\SysNative\drivers\USBSTOR.SYS (Microsoft Corporation) DRV:64bit: - (bowser) -- C:\Windows\SysNative\drivers\bowser.sys (Microsoft Corporation) DRV:64bit: - (volsnap) -- C:\Windows\SysNative\drivers\volsnap.sys (Microsoft Corporation) DRV:64bit: - (volmgrx) -- C:\Windows\SysNative\drivers\volmgrx.sys (Microsoft Corporation) DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation) DRV:64bit: - (volmgr) -- C:\Windows\SysNative\drivers\volmgr.sys (Microsoft Corporation) DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation) DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation) DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation) DRV:64bit: - (TermDD) -- C:\Windows\SysNative\drivers\termdd.sys (Microsoft Corporation) DRV:64bit: - (sbp2port) -- C:\Windows\SysNative\drivers\sbp2port.sys (Microsoft Corporation) DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation) DRV:64bit: - (pci) -- C:\Windows\SysNative\drivers\pci.sys (Microsoft Corporation) DRV:64bit: - (NDIS) -- C:\Windows\SysNative\drivers\ndis.sys (Microsoft Corporation) DRV:64bit: - (MsRPC) -- C:\Windows\SysNative\drivers\msrpc.sys (Microsoft Corporation) DRV:64bit: - (iScsiPrt) -- C:\Windows\SysNative\drivers\msiscsi.sys (Microsoft Corporation) DRV:64bit: - (mpio) -- C:\Windows\SysNative\drivers\mpio.sys (Microsoft Corporation) DRV:64bit: - (msdsm) -- C:\Windows\SysNative\drivers\msdsm.sys (Microsoft Corporation) DRV:64bit: - (msahci) -- C:\Windows\SysNative\drivers\msahci.sys (Microsoft Corporation) DRV:64bit: - (mountmgr) -- C:\Windows\SysNative\drivers\mountmgr.sys (Microsoft Corporation) DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (FltMgr) -- C:\Windows\SysNative\drivers\fltMgr.sys (Microsoft Corporation) DRV:64bit: - (DXGKrnl) -- C:\Windows\SysNative\drivers\dxgkrnl.sys (Microsoft Corporation) DRV:64bit: - (ACPI) -- C:\Windows\SysNative\drivers\acpi.sys (Microsoft Corporation) DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RDPDR) -- C:\Windows\SysNative\drivers\rdpdr.sys (Microsoft Corporation) DRV:64bit: - (tssecsrv) -- C:\Windows\SysNative\drivers\tssecsrv.sys (Microsoft Corporation) DRV:64bit: - (Wanarpv6) -- C:\Windows\SysNative\drivers\wanarp.sys (Microsoft Corporation) DRV:64bit: - (WANARP) -- C:\Windows\SysNative\drivers\wanarp.sys (Microsoft Corporation) DRV:64bit: - (Rasl2tp) -- C:\Windows\SysNative\drivers\rasl2tp.sys (Microsoft Corporation) DRV:64bit: - (NdisWan) -- C:\Windows\SysNative\drivers\ndiswan.sys (Microsoft Corporation) DRV:64bit: - (PptpMiniport) -- C:\Windows\SysNative\drivers\raspptp.sys (Microsoft Corporation) DRV:64bit: - (Psched) -- C:\Windows\SysNative\drivers\pacer.sys (Microsoft Corporation) DRV:64bit: - (NDProxy) -- C:\Windows\SysNative\drivers\ndproxy.sys (Microsoft Corporation) DRV:64bit: - (IpFilterDriver) -- C:\Windows\SysNative\drivers\ipfltdrv.sys (Microsoft Corporation) DRV:64bit: - (tunnel) -- C:\Windows\SysNative\drivers\tunnel.sys (Microsoft Corporation) DRV:64bit: - (tcpipreg) -- C:\Windows\SysNative\drivers\tcpipreg.sys (Microsoft Corporation) DRV:64bit: - (Ndisuio) -- C:\Windows\SysNative\drivers\ndisuio.sys (Microsoft Corporation) DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation) DRV:64bit: - (umbus) -- C:\Windows\SysNative\drivers\umbus.sys (Microsoft Corporation) DRV:64bit: - (usbvideo) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation) DRV:64bit: - (HidUsb) -- C:\Windows\SysNative\drivers\hidusb.sys (Microsoft Corporation) DRV:64bit: - (HDAudBus) -- C:\Windows\SysNative\drivers\hdaudbus.sys (Microsoft Corporation) DRV:64bit: - (WUDFRd) -- C:\Windows\SysNative\drivers\WUDFRd.sys (Microsoft Corporation) DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation) DRV:64bit: - (sffp_sd) -- C:\Windows\SysNative\drivers\sffp_sd.sys (Microsoft Corporation) DRV:64bit: - (kbdhid) -- C:\Windows\SysNative\drivers\kbdhid.sys (Microsoft Corporation) DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation) DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation) DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation) DRV:64bit: - (IPMIDRV) -- C:\Windows\SysNative\drivers\IPMIDrv.sys (Microsoft Corporation) DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation) DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation) DRV:64bit: - (rdbss) -- C:\Windows\SysNative\drivers\rdbss.sys (Microsoft Corporation) DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation) DRV:64bit: - (MRxDAV) -- C:\Windows\SysNative\drivers\mrxdav.sys (Microsoft Corporation) DRV:64bit: - (DfsC) -- C:\Windows\SysNative\drivers\dfsc.sys (Microsoft Corporation) DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation) DRV:64bit: - (HTTP) -- C:\Windows\SysNative\drivers\http.sys (Microsoft Corporation) DRV:64bit: - (NetBT) -- C:\Windows\SysNative\drivers\netbt.sys (Microsoft Corporation) DRV:64bit: - (tdx) -- C:\Windows\SysNative\drivers\tdx.sys (Microsoft Corporation) DRV:64bit: - (cdrom) -- C:\Windows\SysNative\drivers\cdrom.sys (Microsoft Corporation) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\clfs.sys (Microsoft Corporation) DRV:64bit: - (Compbatt) -- C:\Windows\SysNative\drivers\compbatt.sys (Microsoft Corporation) DRV:64bit: - (cmdide) -- C:\Windows\SysNative\drivers\cmdide.sys (CMD Technology, Inc.) DRV:64bit: - (adp94xx) -- C:\Windows\SysNative\drivers\adp94xx.sys (Adaptec, Inc.) DRV:64bit: - (adpahci) -- C:\Windows\SysNative\drivers\adpahci.sys (Adaptec, Inc.) DRV:64bit: - (adpu320) -- C:\Windows\SysNative\drivers\adpu320.sys (Adaptec, Inc.) DRV:64bit: - (arcsas) -- C:\Windows\SysNative\drivers\arcsas.sys (Adaptec, Inc.) DRV:64bit: - (arc) -- C:\Windows\SysNative\drivers\arc.sys (Adaptec, Inc.) DRV:64bit: - (agp440) -- C:\Windows\SysNative\drivers\AGP440.sys (Microsoft Corporation) DRV:64bit: - (atapi) -- C:\Windows\SysNative\drivers\atapi.sys (Microsoft Corporation) DRV:64bit: - (amdide) -- C:\Windows\SysNative\drivers\amdide.sys (Microsoft Corporation) DRV:64bit: - (aliide) -- C:\Windows\SysNative\drivers\aliide.sys (Acer Laboratories Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (Mup) -- C:\Windows\SysNative\drivers\mup.sys (Microsoft Corporation) DRV:64bit: - (mouclass) -- C:\Windows\SysNative\drivers\mouclass.sys (Microsoft Corporation) DRV:64bit: - (mssmbios) -- C:\Windows\SysNative\drivers\mssmbios.sys (Microsoft Corporation) DRV:64bit: - (msisadrv) -- C:\Windows\SysNative\drivers\msisadrv.sys (Microsoft Corporation) DRV:64bit: - (nv_agp) -- C:\Windows\SysNative\drivers\NV_AGP.SYS (Microsoft Corporation) DRV:64bit: - (nfrd960) -- C:\Windows\SysNative\drivers\nfrd960.sys (IBM Corporation) DRV:64bit: - (MegaSR) -- C:\Windows\SysNative\drivers\MegaSR.sys (LSI Corporation, Inc.) DRV:64bit: - (LSI_SCSI) -- C:\Windows\SysNative\drivers\lsi_scsi.sys (LSI Corporation) DRV:64bit: - (LSI_FC) -- C:\Windows\SysNative\drivers\lsi_fc.sys (LSI Corporation) DRV:64bit: - (LSI_SAS) -- C:\Windows\SysNative\drivers\lsi_sas.sys (LSI Corporation) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (kbdclass) -- C:\Windows\SysNative\drivers\kbdclass.sys (Microsoft Corporation) DRV:64bit: - (iirsp) -- C:\Windows\SysNative\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV:64bit: - (megasas) -- C:\Windows\SysNative\drivers\megasas.sys (LSI Corporation) DRV:64bit: - (isapnp) -- C:\Windows\SysNative\drivers\isapnp.sys (Microsoft Corporation) DRV:64bit: - (intelide) -- C:\Windows\SysNative\drivers\intelide.sys (Microsoft Corporation) DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation) DRV:64bit: - (elxstor) -- C:\Windows\SysNative\drivers\elxstor.sys (Emulex) DRV:64bit: - (Disk) -- C:\Windows\SysNative\drivers\disk.sys (Microsoft Corporation) DRV:64bit: - (FileInfo) -- C:\Windows\SysNative\drivers\fileinfo.sys (Microsoft Corporation) DRV:64bit: - (gagp30kx) -- C:\Windows\SysNative\drivers\GAGP30KX.SYS (Microsoft Corporation) DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation) DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation) DRV:64bit: - (Wdf01000) -- C:\Windows\SysNative\drivers\Wdf01000.sys (Microsoft Corporation) DRV:64bit: - (vsmraid) -- C:\Windows\SysNative\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV:64bit: - (uliagpkx) -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS (Microsoft Corporation) DRV:64bit: - (uagp35) -- C:\Windows\SysNative\drivers\UAGP35.SYS (Microsoft Corporation) DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Wd) -- C:\Windows\SysNative\drivers\wd.sys (Microsoft Corporation) DRV:64bit: - (spldr) -- C:\Windows\SysNative\drivers\spldr.sys (Microsoft Corporation) DRV:64bit: - (viaide) -- C:\Windows\SysNative\drivers\viaide.sys (VIA Technologies, Inc.) DRV:64bit: - (swenum) -- C:\Windows\SysNative\drivers\swenum.sys (Microsoft Corporation) DRV:64bit: - (ql2300) -- C:\Windows\SysNative\drivers\ql2300.sys (QLogic Corporation) DRV:64bit: - (SiSRaid4) -- C:\Windows\SysNative\drivers\sisraid4.sys (Silicon Integrated Systems) DRV:64bit: - (pcmcia) -- C:\Windows\SysNative\drivers\pcmcia.sys (Microsoft Corporation) DRV:64bit: - (ql40xx) -- C:\Windows\SysNative\drivers\ql40xx.sys (QLogic Corporation) DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation) DRV:64bit: - (SiSRaid2) -- C:\Windows\SysNative\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV:64bit: - (pciide) -- C:\Windows\SysNative\drivers\pciide.sys (Microsoft Corporation) DRV:64bit: - (Brserid) -- C:\Windows\SysNative\drivers\BrSerId.sys (Brother Industries Ltd.) DRV:64bit: - (PEAUTH) -- C:\Windows\SysNative\drivers\PEAuth.sys (Microsoft Corporation) DRV:64bit: - (usbprint) -- C:\Windows\SysNative\drivers\usbprint.sys (Microsoft Corporation) DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation) DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation) DRV:64bit: - (RDPENCDD) -- C:\Windows\SysNative\drivers\RDPENCDD.sys (Microsoft Corporation) DRV:64bit: - (RDPCDD) -- C:\Windows\SysNative\drivers\RDPCDD.sys (Microsoft Corporation) DRV:64bit: - (TDPIPE) -- C:\Windows\SysNative\drivers\tdpipe.sys (Microsoft Corporation) DRV:64bit: - (Modem) -- C:\Windows\SysNative\drivers\modem.sys (Microsoft Corporation) DRV:64bit: - (ws2ifsl) -- C:\Windows\SysNative\drivers\ws2ifsl.sys (Microsoft Corporation) DRV:64bit: - (RasSstp) -- C:\Windows\SysNative\drivers\rassstp.sys (Microsoft Corporation) DRV:64bit: - (RasAgileVpn) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation) DRV:64bit: - (RasPppoe) -- C:\Windows\SysNative\drivers\raspppoe.sys (Microsoft Corporation) DRV:64bit: - (AsyncMac) -- C:\Windows\SysNative\drivers\asyncmac.sys (Microsoft Corporation) DRV:64bit: - (RasAcd) -- C:\Windows\SysNative\drivers\rasacd.sys (Microsoft Corporation) DRV:64bit: - (IPNAT) -- C:\Windows\SysNative\drivers\ipnat.sys (Microsoft Corporation) DRV:64bit: - (NdisTapi) -- C:\Windows\SysNative\drivers\ndistapi.sys (Microsoft Corporation) DRV:64bit: - (QWAVEdrv) -- C:\Windows\SysNative\drivers\qwavedrv.sys (Microsoft Corporation) DRV:64bit: - (NetBIOS) -- C:\Windows\SysNative\drivers\netbios.sys (Microsoft Corporation) DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation) DRV:64bit: - (Smb) -- C:\Windows\SysNative\drivers\smb.sys (Microsoft Corporation) DRV:64bit: - (IRENUM) -- C:\Windows\SysNative\drivers\irenum.sys (Microsoft Corporation) DRV:64bit: - (rspndr) -- C:\Windows\SysNative\drivers\rspndr.sys (Microsoft Corporation) DRV:64bit: - (lltdio) -- C:\Windows\SysNative\drivers\lltdio.sys (Microsoft Corporation) DRV:64bit: - (mpsdrv) -- C:\Windows\SysNative\drivers\mpsdrv.sys (Microsoft Corporation) DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation) DRV:64bit: - (NativeWifiP) -- C:\Windows\SysNative\drivers\nwifi.sys (Microsoft Corporation) DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation) DRV:64bit: - (HidBth) -- C:\Windows\SysNative\drivers\hidbth.sys (Microsoft Corporation) DRV:64bit: - (BTHMODEM) -- C:\Windows\SysNative\drivers\bthmodem.sys (Microsoft Corporation) DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation) DRV:64bit: - (ohci1394) -- C:\Windows\SysNative\drivers\ohci1394.sys (Microsoft Corporation) DRV:64bit: - (usbcir) -- C:\Windows\SysNative\drivers\usbcir.sys (Microsoft Corporation) DRV:64bit: - (circlass) -- C:\Windows\SysNative\drivers\circlass.sys (Microsoft Corporation) DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation) DRV:64bit: - (HidIr) -- C:\Windows\SysNative\drivers\hidir.sys (Microsoft Corporation) DRV:64bit: - (drmkaud) -- C:\Windows\SysNative\drivers\drmkaud.sys (Microsoft Corporation) DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation) DRV:64bit: - (WacomPen) -- C:\Windows\SysNative\drivers\wacompen.sys (Microsoft Corporation) DRV:64bit: - (sffp_mmc) -- C:\Windows\SysNative\drivers\sffp_mmc.sys (Microsoft Corporation) DRV:64bit: - (sfloppy) -- C:\Windows\SysNative\drivers\sfloppy.sys (Microsoft Corporation) DRV:64bit: - (sffdisk) -- C:\Windows\SysNative\drivers\sffdisk.sys (Microsoft Corporation) DRV:64bit: - (fdc) -- C:\Windows\SysNative\drivers\fdc.sys (Microsoft Corporation) DRV:64bit: - (flpydisk) -- C:\Windows\SysNative\drivers\flpydisk.sys (Microsoft Corporation) DRV:64bit: - (Parport) -- C:\Windows\SysNative\drivers\parport.sys (Microsoft Corporation) DRV:64bit: - (Serial) -- C:\Windows\SysNative\drivers\serial.sys (Microsoft Corporation) DRV:64bit: - (Serenum) -- C:\Windows\SysNative\drivers\serenum.sys (Microsoft Corporation) DRV:64bit: - (mouhid) -- C:\Windows\SysNative\drivers\mouhid.sys (Microsoft Corporation) DRV:64bit: - (sermouse) -- C:\Windows\SysNative\drivers\sermouse.sys (Microsoft Corporation) DRV:64bit: - (ksthunk) -- C:\Windows\SysNative\drivers\ksthunk.sys (Microsoft Corporation) DRV:64bit: - (MSKSSRV) -- C:\Windows\SysNative\drivers\mskssrv.sys (Microsoft Corporation) DRV:64bit: - (MSTEE) -- C:\Windows\SysNative\drivers\mstee.sys (Microsoft Corporation) DRV:64bit: - (MSPCLOCK) -- C:\Windows\SysNative\drivers\mspclock.sys (Microsoft Corporation) DRV:64bit: - (MSPQM) -- C:\Windows\SysNative\drivers\mspqm.sys (Microsoft Corporation) DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation) DRV:64bit: - (monitor) -- C:\Windows\SysNative\drivers\monitor.sys (Microsoft Corporation) DRV:64bit: - (VgaSave) -- C:\Windows\SysNative\drivers\vga.sys (Microsoft Corporation) DRV:64bit: - (vga) -- C:\Windows\SysNative\drivers\vgapnp.sys (Microsoft Corporation) DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation) DRV:64bit: - (blbdrive) -- C:\Windows\SysNative\drivers\blbdrive.sys (Microsoft Corporation) DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation) DRV:64bit: - (ErrDev) -- C:\Windows\SysNative\drivers\errdev.sys (Microsoft Corporation) DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation) DRV:64bit: - (WmiAcpi) -- C:\Windows\SysNative\drivers\wmiacpi.sys (Microsoft Corporation) DRV:64bit: - (luafv) -- C:\Windows\SysNative\drivers\luafv.sys (Microsoft Corporation) DRV:64bit: - (Filetrace) -- C:\Windows\SysNative\drivers\filetrace.sys (Microsoft Corporation) DRV:64bit: - (fastfat) -- C:\Windows\SysNative\drivers\fastfat.sys (Microsoft Corporation) DRV:64bit: - (exfat) -- C:\Windows\SysNative\drivers\exfat.sys (Microsoft Corporation) DRV:64bit: - (nsiproxy) -- C:\Windows\SysNative\drivers\nsiproxy.sys (Microsoft Corporation) DRV:64bit: - (i8042prt) -- C:\Windows\SysNative\drivers\i8042prt.sys (Microsoft Corporation) DRV:64bit: - (Npfs) -- C:\Windows\SysNative\drivers\npfs.sys (Microsoft Corporation) DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation) DRV:64bit: - (Msfs) -- C:\Windows\SysNative\drivers\msfs.sys (Microsoft Corporation) DRV:64bit: - (Null) -- C:\Windows\SysNative\drivers\null.sys (Microsoft Corporation) DRV:64bit: - (AmdK8) -- C:\Windows\SysNative\drivers\amdk8.sys (Microsoft Corporation) DRV:64bit: - (intelppm) -- C:\Windows\SysNative\drivers\intelppm.sys (Microsoft Corporation) DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation) DRV:64bit: - (Processor) -- C:\Windows\SysNative\drivers\processr.sys (Microsoft Corporation) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (BrSerWdm) -- C:\Windows\SysNative\drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV:64bit: - (BrUsbMdm) -- C:\Windows\SysNative\drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV:64bit: - (BrUsbSer) -- C:\Windows\SysNative\drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV:64bit: - (BrFiltLo) -- C:\Windows\SysNative\drivers\BrFiltLo.sys (Brother Industries, Ltd.) DRV:64bit: - (BrFiltUp) -- C:\Windows\SysNative\drivers\BrFiltUp.sys (Brother Industries, Ltd.) DRV:64bit: - (secdrv) -- C:\Windows\SysNative\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?AF=109958&tt=290312_bexdll&babsrc=HP_ss&mntrId=9c1bd709000000000000001b38cebf97 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 91 C6 8E 0C 11 CD 01 [binary data] IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109958&tt=290312_bexdll&babsrc=SP_ss&mntrId=9c1bd709000000000000001b38cebf97 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.spiegel.de" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.04.09 17:04:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.02 20:26:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.02 22:17:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxxx\AppData\Roaming\mozilla\Extensions [2012.07.26 09:59:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\kcyerzas.default\extensions [2012.04.03 20:52:37 | 000,000,000 | ---D | M] (StumbleUpon) -- C:\Users\xxxxxxx\AppData\Roaming\mozilla\Firefox\Profiles\kcyerzas.default\extensions\toolbar@stumbleupon.com [2012.08.02 20:15:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.08.02 20:15:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012.07.26 09:59:07 | 000,012,095 | ---- | M] () (No name found) -- C:\USERS\xxxxxxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KCYERZAS.DEFAULT\EXTENSIONS\URLLISTER@BINNYVA.COM.XPI [2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.04.03 20:43:29 | 000,002,353 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.14 02:45:07 | 000,003,368 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - homepage: hxxp://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\xxxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: YouTube = C:\Users\xxxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Google-Suche = C:\Users\xxxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Google-Suche = C:\Users\xxxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\xxxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ CHR - Extension: Google Mail = C:\Users\xxxxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SwissAcademic.Citavi.Picker.IEPicker) - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) O4 - Startup: C:\Users\xxxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\xxxxxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\xxxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O8:64bit: - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{225A2A1D-DF96-4BE0-831A-34177873F4E7}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.07.15 21:39:51 | 000,000,122 | R--- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{fa91e766-7dc0-11e1-aeb1-001b38cebf97}\Shell - "" = AutoRun O33 - MountPoints2\{fa91e766-7dc0-11e1-aeb1-001b38cebf97}\Shell\AutoRun\command - "" = I:\Autoplay.exe -auto O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.01 23:06:52 | 000,000,000 | R--D | C] -- C:\Users\xxxxxxx\Dropbox [2012.09.01 23:05:36 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012.09.01 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\Dropbox [2012.09.01 18:39:40 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\Malwarebytes [2012.09.01 18:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.09.01 18:39:33 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.01 18:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.09.01 18:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.01 18:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012.09.01 17:33:28 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\xxxxxxx\Desktop\OTL.exe [2012.08.31 13:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012.08.31 13:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2012.08.30 23:02:11 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2012.08.30 18:15:40 | 000,000,000 | -HSD | C] -- C:\Users\xxxxxxx\AppData\Roaming\System [2012.08.30 18:15:34 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\Ryit [2012.08.30 18:15:34 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\Emak [2012.08.30 18:15:34 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\Atinyv [2012.08.19 15:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.08.18 13:42:59 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\Desktop\Ausdruck2 [2012.08.16 19:26:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium [2012.08.16 19:26:24 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2012.08.16 10:00:03 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.08.16 10:00:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.08.16 10:00:02 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.08.16 10:00:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.08.16 10:00:01 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.08.16 10:00:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.08.16 10:00:01 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.08.16 10:00:00 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.08.16 10:00:00 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.08.16 10:00:00 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.08.16 10:00:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.08.16 09:59:59 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.08.16 09:59:58 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.08.15 23:17:18 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012.08.15 23:17:14 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012.08.15 23:17:14 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012.08.15 23:17:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012.08.15 23:17:13 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.08.15 23:17:13 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.08.15 23:17:13 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012.08.15 23:17:09 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012.08.08 18:04:43 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\e-academy Inc [2012.08.08 18:04:43 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Local\e-academy Inc [2012.08.06 19:41:06 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\vlc [2012.08.06 19:40:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.08.06 19:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2012.08.06 11:49:21 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\WinRAR [2012.08.06 11:49:21 | 000,000,000 | ---D | C] -- C:\Users\xxxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.08.06 11:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.08.06 11:49:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.02 02:21:29 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.02 02:21:29 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.02 02:13:38 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.09.02 02:13:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.02 02:13:11 | 2414,333,952 | -HS- | M] () -- C:\hiberfil.sys [2012.09.02 02:11:46 | 000,000,214 | ---- | M] () -- C:\Users\xxxxxxx\defogger_reenable [2012.09.02 01:10:14 | 000,511,265 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\adwcleaner.exe [2012.09.02 01:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.02 01:01:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.09.01 23:06:52 | 000,001,051 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\Dropbox.lnk [2012.09.01 23:05:58 | 000,001,061 | ---- | M] () -- C:\Users\xxxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.09.01 18:39:34 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.01 16:58:22 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\xxxxxxx\Desktop\OTL.exe [2012.08.30 20:14:12 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.30 20:14:12 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.30 20:14:12 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.30 20:14:12 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.30 20:14:12 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.30 18:15:49 | 000,252,509 | -HS- | M] () -- C:\Users\xxxxxxx\AppData\Roaming\rt1.png [2012.08.28 16:24:52 | 000,311,883 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\2007-H-MDI-L.pdf [2012.08.28 16:14:46 | 000,465,337 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\2.png [2012.08.28 16:13:50 | 000,497,129 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\Unbenanntes Bild.png [2012.08.25 21:23:00 | 003,576,834 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\DSC_0157.JPG [2012.08.25 21:23:00 | 000,191,544 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\brillencheck_klein.jpg [2012.08.25 21:22:00 | 004,085,663 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\DSC_0156.JPG [2012.08.25 21:21:35 | 000,000,840 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\Caedium.lnk [2012.08.25 21:21:14 | 001,917,301 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\brillencheck.jpg [2012.08.16 22:23:44 | 002,449,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.08.14 22:05:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.14 22:05:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.08.08 18:04:43 | 000,003,179 | ---- | M] () -- C:\Users\xxxxxxx\Desktop\Secure Download Manager.lnk [2012.08.06 19:40:41 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.02 02:11:45 | 000,000,214 | ---- | C] () -- C:\Users\xxxxxxx\defogger_reenable [2012.09.02 01:10:08 | 000,511,265 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\adwcleaner.exe [2012.09.01 23:06:52 | 000,001,051 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\Dropbox.lnk [2012.09.01 23:05:58 | 000,001,061 | ---- | C] () -- C:\Users\xxxxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.09.01 18:39:34 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.30 18:15:48 | 000,252,509 | -HS- | C] () -- C:\Users\xxxxxxx\AppData\Roaming\rt1.png [2012.08.28 16:24:50 | 000,311,883 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\2007-H-MDI-L.pdf [2012.08.28 16:14:46 | 000,465,337 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\2.png [2012.08.28 16:13:50 | 000,497,129 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\Unbenanntes Bild.png [2012.08.25 21:22:59 | 000,191,544 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\brillencheck_klein.jpg [2012.08.25 21:21:12 | 001,917,301 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\brillencheck.jpg [2012.08.25 21:17:24 | 004,085,663 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\DSC_0156.JPG [2012.08.25 21:17:24 | 003,576,834 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\DSC_0157.JPG [2012.08.08 18:04:43 | 000,003,179 | ---- | C] () -- C:\Users\xxxxxxx\Desktop\Secure Download Manager.lnk [2012.08.06 19:40:41 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.04.19 14:58:20 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll [2012.04.19 14:58:20 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini [2012.04.07 20:07:37 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.04.03 22:57:41 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll < End of report > |
| Themen zu GVU-Trojaner - nach Kapesky Rescue WindowsUnlocker & AntiMalware Benutzung - entfernt? |
| .dll, adobe, antivir, autorun, avg, avira, bho, bonjour, browser, corp./icp, dllhost.exe, dnsapi.dll, dxgkrnl, explorer, firefox, flash player, fontcache, format, ftp, google, google earth, hdaudio.sys, helper, kaspersky, langs, lanmanworkstation, locker, mfc100u.dll, monitor, msiexec.exe, msvcr80.dll, ntdll.dll, nvidia, nvidia update, object, plug-in, policyagent, samlib.dll, schannel.dll, senden, server, software, trustedinstaller, tunnel, usbvideo.sys, usp10.dll, wintrust.dll, wlansvc, wsearch, wshtcpip.dll |
Baum-Darstellung