| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Sobald ich einen Browser öffne wir mein Internet extrem langsamWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.09.2012, 14:17
| #1 |
| |  Sobald ich einen Browser öffne wir mein Internet extrem langsam Also wie im Titel beschrieben sobald ich nen Browser öffne wird mein Internet arg langsam, egal ob Internet Explorer oder Firefox. Habt ihr ne Ahnung? |
|
28.09.2012, 14:43
| #2 |
| /// Malware-holic   | Sobald ich einen Browser öffne wir mein Internet extrem langsam hi
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
28.09.2012, 16:14
| #3 |
| | Sobald ich einen Browser öffne wir mein Internet extrem langsam So ich habe den Scan direkt nach dem Systemstart ausgeführt nur Firefox lief.
__________________OTL Logfile: Code:
ATTFilter OTL logfile created on: 28.09.2012 17:16:23 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marc\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,47 Gb Available Physical Memory | 68,52% Memory free 15,97 Gb Paging File | 13,34 Gb Available in Paging File | 83,55% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 67,46 Gb Free Space | 14,49% Space Free | Partition Type: NTFS Drive E: | 1000,00 Gb Total Space | 104,51 Gb Free Space | 10,45% Space Free | Partition Type: NTFS Drive H: | 100,00 Mb Total Space | 84,72 Mb Free Space | 84,73% Space Free | Partition Type: NTFS Drive I: | 863,01 Gb Total Space | 828,46 Gb Free Space | 96,00% Space Free | Partition Type: NTFS Drive K: | 931,51 Gb Total Space | 441,21 Gb Free Space | 47,36% Space Free | Partition Type: NTFS Computer Name: MARC-PC | User Name: Marc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.28 15:49:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe PRC - [2012.09.21 15:22:49 | 001,807,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe PRC - [2012.09.06 03:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.08.29 12:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2012.08.24 13:01:40 | 002,735,528 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012.07.29 15:28:12 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2012.07.27 22:51:38 | 000,823,224 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2012.07.27 13:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012.04.17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2012.04.17 17:19:32 | 002,614,080 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe PRC - [2012.04.06 17:59:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011.09.09 17:11:58 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Facebook Desktop\Facebook Desktop.exe PRC - [2011.07.11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2010.04.22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe PRC - [2009.12.02 19:40:40 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe PRC - [2009.12.01 14:13:08 | 000,035,880 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe PRC - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe PRC - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2009.06.17 16:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe PRC - [2009.06.02 19:05:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe PRC - [2009.03.30 15:00:54 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe PRC - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe PRC - [2006.10.16 10:18:36 | 000,344,064 | ---- | M] (Sonix) -- C:\Windows\vphc710.exe PRC - [2006.05.10 11:37:54 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Philips\Philips SPC710NC Webcam\TrayMin710.exe ========== Modules (No Company Name) ========== MOD - [2012.09.21 15:22:49 | 009,813,424 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll MOD - [2012.09.06 03:25:12 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.08.30 10:39:42 | 000,374,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2012.08.22 19:23:53 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012.08.22 19:23:40 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012.08.22 19:23:20 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.08.22 19:23:16 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.07.27 22:51:54 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu MOD - [2011.09.09 17:11:58 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Facebook Desktop\Facebook Desktop.exe MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~3\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2009.12.01 14:13:08 | 000,035,880 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe MOD - [2009.06.10 16:28:56 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\DBIOS.dll MOD - [2009.02.27 16:38:22 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll MOD - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe MOD - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe MOD - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe MOD - [2006.05.10 11:37:54 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Philips\Philips SPC710NC Webcam\TrayMin710.exe ========== Services (SafeList) ========== SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.09.22 11:08:37 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.09.21 15:22:54 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.09.05 20:38:06 | 006,364,024 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012.08.24 13:01:40 | 002,735,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.08.21 17:12:24 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService) SRV - [2012.07.27 13:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe -- (NIS) SRV - [2012.04.06 17:59:49 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011.10.23 22:07:34 | 000,630,784 | ---- | M] (FileZilla Project) [On_Demand | Stopped] -- C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe -- (FileZilla Server) SRV - [2010.12.13 14:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV - [2009.12.02 19:40:40 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service) SRV - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe -- (Smart TimeLock) SRV - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009.07.24 08:33:34 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe -- (RoxWatch12) SRV - [2009.07.24 08:33:10 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe -- (RoxMediaDB12) SRV - [2009.06.17 16:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.02 19:05:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) SRV - [2008.08.07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2007.12.17 06:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) SRV - [2007.01.11 06:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.30 13:32:08 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudobex.sys -- (ssudobex) DRV:64bit: - [2012.07.30 13:32:08 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2012.07.30 13:32:08 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2012.07.06 04:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys -- (SRTSPX) DRV:64bit: - [2012.07.06 04:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys -- (SRTSP) DRV:64bit: - [2012.07.03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012.06.07 06:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys -- (ccSet_NIS) DRV:64bit: - [2012.05.22 14:26:10 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2012.05.22 03:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys -- (SymEFA) DRV:64bit: - [2012.05.06 15:15:04 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.04.18 04:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys -- (SymNetS) DRV:64bit: - [2012.04.18 03:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys -- (SymIRON) DRV:64bit: - [2012.03.27 18:49:40 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.22 12:34:36 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple) DRV:64bit: - [2012.02.22 12:23:14 | 000,358,480 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ks2avs.sys -- (ks2avs) DRV:64bit: - [2012.02.22 12:23:14 | 000,080,464 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ks2usb.sys -- (ks2usb_svc) DRV:64bit: - [2012.02.22 11:03:22 | 000,358,480 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a2djavs.sys -- (a2djavs) DRV:64bit: - [2012.02.22 11:03:22 | 000,096,336 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a2djusb.sys -- (a2djusb_svc) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) DRV:64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2012.01.11 08:11:20 | 000,034,304 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam) DRV:64bit: - [2011.11.24 04:23:20 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM) DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2011.08.01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2011.07.28 18:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2011.07.27 20:48:14 | 000,014,952 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv) DRV:64bit: - [2011.07.25 20:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys -- (SymDS) DRV:64bit: - [2011.06.23 21:39:54 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.06.23 21:39:54 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2011.06.10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.06.02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2011.06.02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:64bit: - [2011.06.02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:64bit: - [2011.04.12 01:33:54 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:64bit: - [2011.03.07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:64bit: - [2011.01.10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:64bit: - [2010.12.21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) DRV:64bit: - [2010.12.21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) DRV:64bit: - [2010.12.21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:64bit: - [2010.12.21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.01.06 05:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur) DRV:64bit: - [2009.10.08 13:59:34 | 000,044,624 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a2djavs_x64.sys -- (a2djavs_x64) DRV:64bit: - [2009.10.08 13:59:31 | 000,300,112 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a2djusb_x64.sys -- (a2djusb_x64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.02 01:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64) DRV:64bit: - [2009.06.02 01:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64) DRV:64bit: - [2009.06.02 01:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64) DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2007.11.22 14:48:46 | 010,733,184 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp325.sys -- (SNP325) DRV:64bit: - [2006.10.16 10:35:24 | 000,867,712 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\phc710.sys -- (phc710) DRV - [2012.09.28 16:54:22 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012.09.28 14:48:06 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120927.034\ex64.sys -- (NAVEX15) DRV - [2012.09.28 14:48:06 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120927.034\eng64.sys -- (NAVENG) DRV - [2012.09.12 12:21:57 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012.09.01 02:27:24 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120927.001\IDSviA64.sys -- (IDSVia64) DRV - [2012.09.01 00:09:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120919.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2012.08.21 18:25:33 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2012.06.06 22:49:42 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2012.06.06 20:31:44 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Marc\Desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE E0 DE 9C 61 8C CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH IE - HKCU\..\SearchScopes\{0647B9BC-2C83-41bb-823F-E8789C72E908}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=DE&ver=18 IE - HKCU\..\SearchScopes\{F5CC370D-0E53-4eea-A9C4-65DB5D120CAC}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.wisedock.de/m.php?id=2332406674768a7e760877fb50ef6c1161c7" FF - prefs.js..extensions.enabledAddons: amznUWL2@amazon.com:1.10 FF - prefs.js..extensions.enabledAddons: de-DE@dictionaries.addons.mozilla.org:2.0.2 FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3 FF - prefs.js..extensions.enabledAddons: youtube2mp3@mondayx.de:1.2.3 FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.1 FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10 FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15 FF - prefs.js..extensions.enabledAddons: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.6 FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 1 FF - prefs.js..extensions.enabledAddons: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2012.7.5.2 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~3\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~3\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Marc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marc\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marc\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012.09.28 16:53:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012.01.14 16:26:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.08.16 13:38:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.25 17:29:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@gutscheinrausch.de: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\qmuapb03.default\extensions\mail@gutscheinrausch.de [2012.09.25 17:29:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions [2012.09.25 17:37:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions [2012.09.25 17:37:36 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012.09.25 17:37:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.09.25 17:37:39 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2012.09.25 17:37:36 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\de-DE@dictionaries.addons.mozilla.org [2012.09.25 17:37:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\ich@maltegoetz.de [2012.09.25 17:37:36 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\r28uct31.default\extensions\amznUWL2@amazon.com.xpi [2012.09.25 17:37:36 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\r28uct31.default\extensions\youtube2mp3@mondayx.de.xpi [2012.09.25 17:37:36 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\r28uct31.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012.09.25 17:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.09.28 16:53:53 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\COFFPLGN [2012.01.14 16:26:35 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPLGN [2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.07.10 17:21:32 | 000,003,225 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 3dns.adobe.com O1 - Hosts: 127.0.0.1 3dns-1.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-4.adobe.com O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 activate.wip.adobe.com O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com O1 - Hosts: 127.0.0.1 crl.verisign.net O1 - Hosts: 127.0.0.1 CRL.VERISIGN.NET O1 - Hosts: 127.0.0.1 ood.opsource.net O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net O1 - Hosts: 127.0.0.1 practivate.adobe O1 - Hosts: 127.0.0.1 practivate.adobe O1 - Hosts: 57 more lines... O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation) O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~3\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~3\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [phc710] C:\Windows\vphc710.exe (Sonix) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe () O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Facebook Update] C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKLM..\RunOnce: [DES2] C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2.exe () O4 - HKLM..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe () O4 - Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Desktop.lnk = C:\Program Files (x86)\Facebook Desktop\Facebook Desktop.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab (Battlefield Play4Free Updater) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F71570-F32B-4796-9EAE-8ECDAD908688}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{654CC677-78AE-43FA-9C8C-CEEF8BB3CA38}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF4A41BF-FABF-4D9B-BE1F-E1C2EC2E212D}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~3\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{f192303a-c4e4-11e0-a109-1c6f65d978ed}\Shell - "" = AutoRun O33 - MountPoints2\{f192303a-c4e4-11e0-a109-1c6f65d978ed}\Shell\AutoRun\command - "" = G:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= - File not found MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Akamai NetSession Interface - hkey= - key= - C:\Users\Marc\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig:64bit - StartUpReg: CPMonitor - hkey= - key= - C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe () MsConfig:64bit - StartUpReg: Desktop Disc Tool - hkey= - key= - C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe () MsConfig:64bit - StartUpReg: KiesPDLR - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () MsConfig:64bit - StartUpReg: KPeerNexonEU - hkey= - key= - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.) MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: STCAgent - hkey= - key= - File not found MsConfig:64bit - StartUpReg: ZyngaGamesAgent - hkey= - key= - File not found MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.09.28 15:48:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe [2012.09.26 12:03:26 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2012.09.25 17:29:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.09.25 17:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.09.22 12:25:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.09.22 12:25:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.09.22 12:25:37 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.09.22 12:25:37 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.09.22 12:25:37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.09.22 12:25:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.09.22 12:25:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.09.22 12:25:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.09.22 12:25:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.09.22 12:25:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.09.22 12:25:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.09.22 12:25:36 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.09.22 12:25:36 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.09.22 12:25:36 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.09.22 12:25:36 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.09.21 18:17:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704} [2012.09.20 20:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.09.20 20:07:49 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2012.09.20 20:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.09.20 20:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.09.20 20:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.09.18 20:59:06 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.09.18 14:20:29 | 000,073,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.09.17 19:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\edcastASIO [2012.09.17 18:57:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\edcast [2012.09.16 21:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2012.09.16 21:41:18 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\uTorrent [2012.09.14 15:09:55 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\Amazon MP3 [2012.09.14 15:07:23 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012.09.14 15:07:23 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012.09.14 15:07:23 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012.09.14 15:07:23 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012.09.14 15:07:23 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012.09.14 15:07:23 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012.09.14 15:07:23 | 007,397,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2012.09.14 15:07:23 | 006,109,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2012.09.14 15:07:23 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012.09.14 15:07:23 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012.09.14 15:07:23 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012.09.14 15:07:23 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012.09.14 15:07:23 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012.09.14 15:07:23 | 000,971,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2012.09.14 15:07:23 | 000,830,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2012.09.14 15:07:23 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2012.09.14 15:07:23 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2012.09.14 15:07:23 | 000,189,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2012.09.14 15:07:23 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2012.09.12 18:39:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012.09.12 18:39:51 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012.09.12 18:39:50 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012.09.12 18:39:49 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012.09.11 12:55:05 | 000,000,000 | -HSD | C] -- C:\found.004 [2012.09.08 13:12:57 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll [2012.09.08 13:12:57 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.09.08 13:12:57 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.09.08 13:12:57 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.09.08 10:53:28 | 001,579,520 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys [2012.09.07 16:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simfy [2012.09.07 16:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\simfy [2012.09.06 20:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2012.09.06 20:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2012.09.04 20:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit [2012.09.04 20:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs [2012.09.03 15:54:29 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\CANON_INC [2012.09.03 15:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2012.09.03 15:50:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon [2012.09.03 15:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon [2012.09.03 14:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EOS Camera Movie Record [2012.09.03 14:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eos_movrec [2012.09.02 21:50:32 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Purplizer [2012.09.02 21:16:09 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf [2012.09.02 21:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf [2012.09.02 21:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Overwolf [2012.09.02 20:59:04 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Overwolf [2012.09.02 12:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012.09.02 12:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [6 C:\Users\Marc\Desktop\*.tmp files -> C:\Users\Marc\Desktop\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.28 17:02:49 | 000,016,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.28 17:02:49 | 000,016,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.28 16:58:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job [2012.09.28 16:56:13 | 000,001,068 | ---- | M] () -- C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Desktop.lnk [2012.09.28 16:54:22 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2012.09.28 16:54:07 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.09.28 16:53:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.28 16:53:19 | 4277,264,383 | -HS- | M] () -- C:\hiberfil.sys [2012.09.28 16:51:38 | 006,034,724 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.09.28 16:51:38 | 002,373,056 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.09.28 16:51:38 | 000,768,884 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.09.28 16:51:38 | 000,655,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.09.28 16:51:38 | 000,121,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.09.28 16:51:30 | 000,768,884 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.09.28 16:40:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.09.28 16:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.28 15:49:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe [2012.09.28 15:33:00 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job [2012.09.28 15:33:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job [2012.09.27 21:58:10 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job [2012.09.24 19:54:39 | 000,000,132 | ---- | M] () -- C:\Users\Marc\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2012.09.23 16:04:06 | 438,312,960 | ---- | M] () -- C:\Users\Marc\Desktop\Auftritt Blue Diamonds 23-09-2012.MTS [2012.09.22 21:47:45 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.09.22 21:47:45 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.09.22 21:47:30 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.09.21 15:22:49 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.09.21 15:22:49 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.09.20 20:07:53 | 000,001,792 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.18 18:17:46 | 000,001,611 | ---- | M] () -- C:\Users\Marc\AppData\Roaming\buttrc [2012.09.18 17:51:25 | 000,001,040 | ---- | M] () -- C:\Users\Marc\Desktop\EdcastStandalone.lnk [2012.09.16 20:46:30 | 855,678,175 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.09.09 19:57:23 | 000,007,660 | ---- | M] () -- C:\Users\Marc\AppData\Local\Resmon.ResmonCfg [2012.09.08 13:12:30 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll [2012.09.08 13:12:30 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012.09.08 13:12:30 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.09.08 13:12:30 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.09.08 13:12:30 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.09.06 20:52:21 | 000,001,171 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2012.09.03 15:50:26 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk [2012.08.31 16:38:55 | 000,344,187 | ---- | M] () -- C:\Users\Marc\Desktop\4437215_t201209047.pdf [2012.08.30 21:14:00 | 026,228,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012.08.30 21:14:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012.08.30 21:14:00 | 019,828,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012.08.30 21:14:00 | 018,229,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012.08.30 21:14:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012.08.30 21:14:00 | 015,291,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012.08.30 21:14:00 | 014,879,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012.08.30 21:14:00 | 012,465,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012.08.30 21:14:00 | 009,066,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012.08.30 21:14:00 | 007,626,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012.08.30 21:14:00 | 007,397,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2012.08.30 21:14:00 | 006,109,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2012.08.30 21:14:00 | 002,745,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012.08.30 21:14:00 | 002,725,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012.08.30 21:14:00 | 002,573,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012.08.30 21:14:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012.08.30 21:14:00 | 002,216,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012.08.30 21:14:00 | 001,866,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012.08.30 21:14:00 | 001,760,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2012.08.30 21:14:00 | 001,482,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012.08.30 21:14:00 | 000,971,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2012.08.30 21:14:00 | 000,830,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2012.08.30 21:14:00 | 000,247,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2012.08.30 21:14:00 | 000,202,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2012.08.30 21:14:00 | 000,016,366 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012.08.30 18:18:05 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2012.08.30 18:18:05 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2012.08.30 18:18:05 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2012.08.30 18:18:04 | 003,487,434 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2012.08.30 18:18:01 | 003,266,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2012.08.30 18:17:59 | 006,198,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2012.08.30 10:40:14 | 000,429,416 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe [6 C:\Users\Marc\Desktop\*.tmp files -> C:\Users\Marc\Desktop\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.25 17:29:08 | 000,001,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.09.24 21:53:51 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job [2012.09.24 21:53:50 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job [2012.09.24 21:49:13 | 438,312,960 | ---- | C] () -- C:\Users\Marc\Desktop\Auftritt Blue Diamonds 23-09-2012.MTS [2012.09.22 11:06:33 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk [2012.09.22 11:05:49 | 000,001,539 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk [2012.09.20 20:07:53 | 000,001,792 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.18 20:59:07 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.17 19:15:48 | 000,001,040 | ---- | C] () -- C:\Users\Marc\Desktop\EdcastStandalone.lnk [2012.09.06 20:52:21 | 000,001,171 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2012.09.06 20:48:10 | 855,678,175 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.09.03 15:50:26 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk [2012.08.31 16:38:54 | 000,344,187 | ---- | C] () -- C:\Users\Marc\Desktop\4437215_t201209047.pdf [2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.08.21 19:04:51 | 000,768,884 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.08.19 19:26:26 | 000,000,132 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2012.08.11 21:09:57 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe [2012.08.11 21:09:50 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe [2012.08.11 21:09:50 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe [2012.08.11 21:09:50 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini [2012.08.11 21:09:49 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp325.dll [2012.08.11 21:09:49 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnp325.dll [2012.08.11 21:09:49 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp325.dll [2012.06.07 03:45:28 | 000,007,660 | ---- | C] () -- C:\Users\Marc\AppData\Local\Resmon.ResmonCfg [2012.03.23 19:45:05 | 000,005,632 | ---- | C] () -- C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.03.16 19:39:42 | 000,000,132 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\Adobe AIFF Format CS5 Prefs [2012.02.25 15:03:05 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012.02.12 18:06:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012.01.13 20:42:06 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll [2011.12.30 15:12:37 | 000,000,032 | ---- | C] () -- C:\Users\Marc\.simfy [2011.12.08 21:26:35 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.12.08 21:26:35 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.10.28 20:29:00 | 000,001,611 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\buttrc [2011.10.09 18:59:15 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2011.09.01 19:10:44 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.09.01 19:10:44 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2011.07.17 18:40:46 | 000,000,132 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.07.06 19:57:48 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2011.07.06 19:49:06 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011.07.06 19:38:49 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011.05.24 12:00:44 | 000,001,057 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\vso_ts_preview.xml [2011.04.27 14:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.04.27 14:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.04.27 14:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.04.27 14:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.04.27 14:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.04.21 16:05:03 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2011.04.08 15:51:13 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.04.08 15:51:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.04.07 21:11:10 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2011.04.07 20:45:03 | 000,015,488 | ---- | C] () -- C:\Windows\phc710.ini ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.09.04 22:17:25 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\.minecraft [2012.07.11 12:30:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\.Nitrous [2012.04.03 16:26:27 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Ableton [2012.01.02 15:21:33 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Amazon [2012.01.02 15:21:33 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\AnvSoft [2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\BeatportDownloader.EE670286545758FAB4A69D4439CF6054F83E0AC2.1 [2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Clonk Rage [2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.08.01 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\com.beatport.BeatportDownloader [2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\com.facebookdesktop.app [2012.02.09 20:06:45 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DAEMON Tools Lite [2012.01.13 21:16:30 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DesktopIconForAmazon [2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\dreamload [2012.09.28 16:56:23 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Dropbox [2012.07.05 22:33:35 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\EurekaLog [2012.08.21 19:10:04 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\FFsplit [2012.09.24 19:42:13 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\FileZilla [2012.09.11 18:57:06 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ICQ [2012.03.13 19:58:02 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Kores [2012.01.02 15:22:20 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Leadertech [2012.01.02 15:22:23 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\MAGIX [2012.04.15 15:57:28 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ManyCam [2012.08.17 01:56:31 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\MAXON [2012.03.13 21:24:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\michaelkaesper.de Software [2012.09.14 15:48:20 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Mp3tag [2012.08.12 01:34:29 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Origin [2012.09.16 22:06:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\PACE Anti-Piracy [2012.09.23 21:29:04 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\PhotoScape [2012.01.02 15:22:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1 [2012.01.02 15:22:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Samsung [2012.01.02 15:22:38 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Simfy [2012.01.02 15:22:44 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Simple Star [2012.03.23 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Solveig Multimedia [2012.07.05 20:01:06 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Splashtop [2012.04.15 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\SplitMediaLabs [2012.01.02 15:22:44 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Steinberg [2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\TeamViewer [2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Tific [2012.08.06 23:32:08 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\TS3Client [2012.03.16 18:57:56 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ts3overlay [2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Tunngle [2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\URSoft [2012.09.20 21:05:17 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\UseNeXT [2012.09.16 22:10:00 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\uTorrent [2012.07.11 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Vso [2012.01.02 15:22:48 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\wargaming.net ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.01.27 19:33:40 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2012.02.18 15:02:33 | 000,000,000 | -HSD | M] -- C:\Boot [2012.09.28 16:51:53 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011.03.27 15:38:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.04.08 14:04:58 | 000,000,000 | ---D | M] -- C:\dreamloaddata [2011.10.03 22:27:52 | 000,000,000 | -HSD | M] -- C:\found.000 [2011.10.03 22:27:52 | 000,000,000 | -HSD | M] -- C:\found.001 [2011.10.03 22:27:52 | 000,000,000 | -HSD | M] -- C:\found.002 [2012.08.04 16:30:23 | 000,000,000 | -HSD | M] -- C:\found.003 [2012.09.11 12:55:05 | 000,000,000 | -HSD | M] -- C:\found.004 [2012.08.06 21:44:44 | 000,000,000 | ---D | M] -- C:\Fraps [2011.11.22 19:59:20 | 000,000,000 | ---D | M] -- C:\Games [2012.04.08 23:04:47 | 000,000,000 | ---D | M] -- C:\GTA SanAndreas [2011.07.06 19:41:45 | 000,000,000 | ---D | M] -- C:\Intel [2012.07.05 22:38:36 | 000,000,000 | RH-D | M] -- C:\MSOCache [2012.04.04 21:07:39 | 000,000,000 | ---D | M] -- C:\Nexon [2012.05.21 19:05:07 | 000,000,000 | ---D | M] -- C:\NVIDIA [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.09.20 20:07:12 | 000,000,000 | R--D | M] -- C:\Program Files [2012.09.25 17:29:07 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2012.09.21 18:17:28 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.01.02 01:40:26 | 000,000,000 | ---D | M] -- C:\ProgramData (0) [2011.03.27 15:38:04 | 000,000,000 | -HSD | M] -- C:\Programme [2012.01.02 15:58:15 | 000,000,000 | -HSD | M] -- C:\Recovery [2012.09.28 17:17:49 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.09.14 15:08:23 | 000,000,000 | ---D | M] -- C:\Temp [2012.04.02 20:52:08 | 000,000,000 | R--D | M] -- C:\Users [2012.09.22 11:12:02 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < C:\Windows\system32\*.tsp > [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010.11.21 05:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,028,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.09.20 21:00:07 | 000,001,112 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job [2011.09.20 21:00:08 | 000,001,134 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job [2011.10.13 21:33:34 | 000,001,102 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2011.10.13 21:33:35 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012.09.18 20:59:07 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012.09.24 21:53:50 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job [2012.09.24 21:53:51 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: IASTORV.SYS > [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > [2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll < %USERPROFILE%\*.* > [2011.12.30 15:12:37 | 000,000,032 | ---- | M] () -- C:\Users\Marc\.simfy [2012.09.28 17:27:13 | 006,291,456 | -H-- | M] () -- C:\Users\Marc\NTUSER.DAT [2012.09.28 17:27:13 | 000,262,144 | -HS- | M] () -- C:\Users\Marc\ntuser.dat.LOG1 [2012.09.11 14:20:05 | 000,262,144 | -HS- | M] () -- C:\Users\Marc\ntuser.dat.LOG2 [2012.01.02 14:55:18 | 000,065,536 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2012.01.02 14:55:18 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2012.01.02 14:55:18 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2012.07.05 19:26:17 | 000,065,536 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{e88df6ce-c6c5-11e1-be35-1c6f65d978ed}.TM.blf [2012.07.05 19:26:17 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{e88df6ce-c6c5-11e1-be35-1c6f65d978ed}.TMContainer00000000000000000001.regtrans-ms [2012.07.05 19:26:17 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{e88df6ce-c6c5-11e1-be35-1c6f65d978ed}.TMContainer00000000000000000002.regtrans-ms [2012.01.02 15:58:21 | 000,000,020 | -HS- | M] () -- C:\Users\Marc\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < > ========== Alternate Data Streams ========== @Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:1CE11B51 @Alternate Data Stream - 1176 bytes -> C:\Users\Marc\AppData\Local\Temp:JqXJqIvCPi0Drr1yrX0QK < End of report > [/CODE] Mfg Marc Geändert von mac17 (28.09.2012 um 16:32 Uhr) |
|
28.09.2012, 16:15
| #4 |
| | Sobald ich einen Browser öffne wir mein Internet extrem langsam und noch die Extra Log: OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 28.09.2012 16:58:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marc\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 6,09 Gb Available Physical Memory | 76,29% Memory free
15,97 Gb Paging File | 13,92 Gb Available in Paging File | 87,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 67,47 Gb Free Space | 14,49% Space Free | Partition Type: NTFS
Drive E: | 1000,00 Gb Total Space | 104,51 Gb Free Space | 10,45% Space Free | Partition Type: NTFS
Drive H: | 100,00 Mb Total Space | 84,72 Mb Free Space | 84,73% Space Free | Partition Type: NTFS
Drive I: | 863,01 Gb Total Space | 828,46 Gb Free Space | 96,00% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 441,21 Gb Free Space | 47,36% Space Free | Partition Type: NTFS
Computer Name: MARC-PC | User Name: Marc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03454EF3-940B-4E41-B970-42007DA148AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{096D4551-B184-452C-A4AA-DED3CC6F21EF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A2BABE6-2F33-49A4-96F8-7175D16D7B3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A6DFC10-8D9A-4598-893B-FDDB07187109}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{33C2F5AC-EC49-4E65-9630-9CF1F589FAAC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{41F76671-D0C7-4FFD-8A72-E3288F347F68}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{47E5E01C-E439-43FD-865D-144D06ACC32B}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{54498819-7E23-40F6-BF62-EC38F6DC03E5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{567AF1CC-F4DC-4D9C-866A-71DBD3647561}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5F23B0A9-C70F-40BC-BCAF-7E266AC5C698}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{755D4E5A-5EB4-4CF2-A67B-F4DACB1A6DA2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82326F72-D59E-4CDE-86D4-783F9590253E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{895BC069-F116-4536-8FEE-BAB1ACC6C4EA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9DA73957-4C6F-4B5D-A2BC-3A19C2EE8019}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{AB524504-EFC6-4A67-B249-B1773E405BD0}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B9A93537-FBA5-4A4E-ABD7-141BF3806DAA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BC5F015B-399C-4355-8E6A-3D542077B7C2}" = rport=2869 | protocol=6 | dir=out | app=system |
"{D19EDBA5-F305-4C04-A5C2-D235224F84AA}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D58BFD18-A6E4-4BEB-87AD-099D01502B86}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D9D46F43-96AC-4592-B5B6-DCA7E2402D9A}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DC24A4DC-0900-4B76-8638-E1E861F5F17E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EFE38879-8D26-4D44-B3EE-175D38703F34}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F1BC0C36-61EF-4777-9395-D6AB935CC998}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3E37ABD-2979-4650-8384-83EB9993BE55}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C8B788-496D-4AD9-8EB3-733CA608A040}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{065A42C0-4E63-401F-9AC4-82E3759105CE}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{09E2D412-9D59-4B9F-97A6-7FF9B2D65135}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{0A48876A-3553-4AC3-ABFE-B7869D2F7333}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0C834B37-5360-4CE8-A059-F59C8C5A9F84}" = protocol=17 | dir=in | app=c:\program files (x86)\radio toolbox\rtb.exe |
"{0CF10902-D13C-4240-8B42-5ED7B5A95A47}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{0D6EEA6F-7F29-4836-9D6F-7DB688FA7BF0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1494F9CD-39BC-4BB6-A075-50B990D81028}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1AE6153E-5363-4A66-BC78-E80F9413D9BF}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{1EAE22CC-382D-4596-9D73-28543E94039A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1F3FAA14-E59B-488B-AEC6-811298D45349}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{20B3C73A-23B3-4151-A403-7D3B2B69B56B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{20C1AD6F-47F1-4F2E-BFE9-CC72908315A7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{22A1E82E-3F58-4DE0-A193-D90068FF9EAD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{2CB31AD8-8F4E-48CF-B4C4-3C27DE0489AA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2D1EC30E-A755-4272-A433-1E0C85710CE3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{2DF5DA93-30D8-4504-9BE9-9F58065C13CB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{36061B54-17D7-4AE1-AB9C-21A6FBFD939E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{37F38554-7C1D-43E9-9FA6-D7F1C38083C7}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{38D92F4C-113C-486C-81A4-ED27A7751426}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3AC903EF-30E6-49CD-94DF-F39504791447}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{46E28280-59E9-40D6-B365-C989461D8942}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{470ECEE2-255C-4253-A859-29DCAF91FF8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4A3835D5-27CC-4049-BADD-84096CA05CC3}" = protocol=17 | dir=in | app=c:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe |
"{4B513041-4F3F-4DEA-A9A8-5D9C62E8F963}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4DA6213E-0465-4102-AC4A-A079B71E0141}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{5270A2E3-4AE3-4AD5-9314-46595D5394D5}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5A602974-89EA-4E35-8C94-98730194DD45}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5AB3C9BA-EFCC-4BC2-9AB6-BFECC6CEE988}" = protocol=6 | dir=in | app=c:\program files (x86)\radio toolbox\rtb.exe |
"{5C9C7615-0E66-4A18-B5CE-FE8EE66C83A4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5DB0219C-8FF2-46AB-867B-45C4C134E9D0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{5E55B214-58F4-41AC-97EC-F2B50DC5A5A2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{5F4F42E3-D28B-4B4A-9D0C-580D8EA74380}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{6103E926-6E4C-4A7D-9FB7-FBA15A9B10D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{659C729D-4247-4A4C-9C4C-8930FA626D14}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6674CE9E-3140-48A8-BCB8-0D5CABBA8971}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{66EAD6E8-9CE8-48C3-8978-D34FF53A3C0F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{681AE765-6BEF-4B09-9608-1D7D6B0DECF6}" = dir=in | app=c:\users\marc\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{69E4B8DF-33AB-4B90-8ADE-53F02C101A97}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{719455A9-3DC2-487A-8503-0C3D2272A859}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{744943E7-65F4-47A0-A942-94D5C1A4FB9B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shoot many robots\shootmanyrobots\binaries\shootmanyrobots.exe |
"{78E1B704-0D83-48F2-8229-8AB7A823F20C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{7B6CB47E-1540-4F86-818A-45B6F22AC1AC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{7E404DE1-9557-45C9-87E3-5B83D6E75C2F}" = protocol=6 | dir=in | app=c:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe |
"{80CA8B7B-40A2-4B1C-AD15-83616991CCA5}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising\ofdr.exe |
"{827AD8FB-2012-419F-815D-A1268A25E34D}" = dir=out | app=%systemdrive%\games\world_of_tanks\worldoftanks.exe |
"{84DC9E8F-A88B-4088-96B3-9652999F766B}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{8CD7E03B-252E-468A-9948-0BAC0D817D75}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{8EBB04B6-1934-4B04-98E5-4738718C4E12}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{91FDBA21-4B7F-44A3-AEC9-E9FAFF3AA593}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{948092FD-AF41-4576-A2BC-156E27FB8A90}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{9670DE21-D578-47FF-ACB8-279FFFB8DFA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{9673EAA2-F096-4EBE-A34A-1D2EFD69B8AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{98D799CF-50FB-4AE6-B11B-29E7D2FBA03B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{99CAC734-BBA6-4482-8230-086E50657A3D}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{9ACD77F7-3843-4F95-AA84-3EEBAB9C3322}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A319450C-AC5B-4805-BD80-64AA48AAE415}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A37566EC-5087-4CD7-8310-5815D0347174}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A4F3A4D8-BBD7-419A-90E5-2509A1D5C7BC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{A95274C2-A254-4A81-AC3D-57F701E0E760}" = protocol=17 | dir=in | app=c:\users\marc\appdata\local\akamai\netsession_win.exe |
"{AE14C40C-D941-4538-B6C5-56CCF84364F7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AF44D805-4278-4732-B694-0AD28CC0D57D}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{B1102DE9-FA78-47F3-BABC-A32627773F48}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{B56C6AFC-57D7-4FE2-8C3C-82798A972D1D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{B78A0DC1-A4D3-49E8-8C64-A7A77F9456B7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B90CBB9E-AB06-48B6-875D-0677BA0FB15C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD6A2CDE-F4D2-42FA-A1DD-E1B99B4B087F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C09B0398-E4D8-40E1-876D-61F10671C91E}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{C185F7CF-02E4-4946-B9CA-33AF5240FDDD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shoot many robots\shootmanyrobots\binaries\shootmanyrobots.exe |
"{C1AF869F-8E22-4DC3-8543-F8834C1DEF91}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C55E7AA3-FD14-467D-A2E3-5F83D36C1368}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6F99825-E7F4-4741-9C48-EB4A82538FDC}" = dir=in | app=c:\program files (x86)\norton internet security\engine\19.7.1.5\ccsvchst.exe |
"{CD030BEE-F015-4220-A4CA-574474ED22C3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{CD2532C8-8013-4324-835A-F59968E5FF6C}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{CD68F935-6E80-4285-955B-6AE0DFF9C93E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CE851775-D007-42CB-B515-1D5757E1E216}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CF382E92-9352-428E-98A7-B4D9592ED9DD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{CFC740F1-B836-4F66-9CC2-DD8BE371FE3B}" = protocol=6 | dir=out | app=system |
"{D0CA64CA-9013-4728-A2E0-93B40C85C239}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{D30571B8-7481-46E3-A93D-7E974AD3C86D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D3E5DF77-64E9-403B-957A-4AB667DC0624}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{D6F843CA-BAAE-4A4C-8291-9C73394A3921}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{D77B75FF-9FC0-4ABE-B0A2-ADDAC561A2BE}" = protocol=6 | dir=in | app=c:\users\marc\appdata\local\akamai\netsession_win.exe |
"{D9DA09C2-BDE1-4699-942C-41222E36D086}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{D9FF302D-0EF7-40D8-A762-72490CE9C9F5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DA075407-A3CD-4A5D-B22F-315D6823A1DB}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising\ofdr.exe |
"{DDFB8742-F8E1-4EC9-8495-D27AE71DF1B3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DE09D6C2-8638-42EA-9435-C09C36A37EA0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E1034E74-19EB-4AA3-A369-4DF475479F03}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{E39104A5-C02A-4EC2-966F-E15AE309E8C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{E3A56668-AB8A-478C-85DE-E7F7ED3F832E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{EA102F1D-E32E-4228-A1FF-C052F16C03B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EA46463A-B8C9-4FFB-84C7-E8BC655E791A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{EBEADB2C-BA08-42B9-B163-111B469DBB7C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F61F9E92-CEB7-41D5-8372-9EE52B3AE33A}" = dir=out | app=%systemdrive%\games\world_of_tanks\wotlauncher.exe |
"{F79ECC9F-DB85-42E0-BED3-5C3A6DE6A0CA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{FBF38D7B-EC92-46C9-AF8E-AF274ECDFC96}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"TCP Query User{0202718D-0C66-469E-813B-5AC99AE8637A}C:\program files (x86)\radio toolbox\rtb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\radio toolbox\rtb.exe |
"TCP Query User{40C29C38-9602-4656-9D76-4542DD9CF21E}C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{5D1EAD48-AF4D-47C5-8C73-6D5E16B9D01F}C:\program files (x86)\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"TCP Query User{7F65E12A-B161-4363-9B75-63B5585414E6}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"TCP Query User{A2DFCB1D-5E14-4124-8C71-B4A403C81FE7}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{DEC3C099-A778-47FA-BF3D-1440E44EA291}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{E25B87DB-98D7-4E5F-9841-5DADDD870AFE}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{05124A6F-7FD1-4245-A37C-4DB2F7D84E9F}C:\program files (x86)\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"UDP Query User{28848CAC-C9AA-457F-B83C-AD2B899B3B42}C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{3F2C966D-4ED4-416B-A85D-53FF657F1BF5}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{50C0F2D9-FB6B-4B1B-85EC-1B82CA7F37A0}C:\program files (x86)\radio toolbox\rtb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\radio toolbox\rtb.exe |
"UDP Query User{A5C98DE2-85A8-4670-942E-B40646CA2D73}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{EEF2C9B3-CB35-4127-ACED-0BC8A6F0386C}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe |
"UDP Query User{FBCEED65-0F03-443C-B125-B3D8D3D0CC71}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ Driver
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{3D8003CE-E3CD-49b7-A59E-9C21546AF95E}" = Native Instruments Traktor Kontrol S2 Driver
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7ADB493-B913-4D61-9A63-DA736C20C3F2}" = Adobe Photoshop Lightroom 4.1 64-bit
"{FD67869B-C97B-4F2C-AD80-ABF130238441}" = Oracle VM VirtualBox 4.1.16
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"MAXON8C02D5E0" = CINEMA 4D 12.016
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15ED9EF1-672B-333C-B653-3A655B6DE4F7}" = Adobe® Content Viewer
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216027F0}" = Java(TM) 6 Update 27
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1" = GutscheinRausch.de - AddOn für Firefox
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.1221.1
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0309.1
"{46578609-AD6D-4E69-AC8F-28B89C090F3B}" = Roxio Creator 2010 Pro
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5310C7A5-A385-6E26-66E9-C0F0CA5A7E45}" = BeatportDownloader
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{55AE564D-F4C0-624E-6784-A4040D2ED7F7}" = Facebook Desktop
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5B0D20D7-AA12-4FC8-9A4A-AF722F430738}_is1" = EOS Camera Movie Record 0.3.1.1 Beta
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733CDF24-0A93-426E-AA89-DF281EB54793}" = Roxio CinePlayer
"{744DA166-F189-4ED4-92EA-E06F3347DD44}" = Philips SPC710NC Webcam
"{74DC8A26-4E05-40B6-AD11-C9428A1AE150}" = Roxio Creator 2010 Pro
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}" = Brother MFL-Pro Suite DCP-130C
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B10.0309.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84DE49CA-0AFB-4557-B1B4-B9B8C1DAE2DE}" = XSplit
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{87A83C6F-F53C-448A-B078-FF00E3EAEB29}" = Roxio Disaster Recovery
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}" = Roxio Creator 2010 Pro
"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Der Fluch des Drachen
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{955AB765-E48B-4D82-9F06-F2E142433B71}" = Ableton Live 8
"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A048F6D6-BECE-D521-9BC9-B8806BFB118C}" = Beatport Downloader
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC0E0FA6-B945-4F48-BC36-055FCB0DB42B}" = Overwolf
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.10.348
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E52F8D95-AEB5-3B67-879C-C59DF8AF88EE}" = Google Talk Plugin
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EDA02C05-A98F-71F6-8F01-9CE3E253D34C}" = simfy
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.15
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.0.1
"ASIO4ALL" = ASIO4ALL
"Battlelog Web Plugins" = Battlelog Web Plugins
"BeatportDownloader.EE670286545758FAB4A69D4439CF6054F83E0AC2.1" = BeatportDownloader
"butt" = butt
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Clonk Rage" = Clonk Rage
"com.adobe.dmp.contentviewer" = Adobe® Content Viewer
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"com.beatport.BeatportDownloader" = Beatport Downloader
"com.facebookdesktop.app" = Facebook Desktop
"Combat Arms EU" = Combat Arms EU
"DAEMON Tools Lite" = DAEMON Tools Lite
"doubleTwist" = doubleTwist
"Dreamload" = Dreamload
"EdcastStandalone" = Edcast Standalone 3.37.2011
"EOS Utility" = Canon Utilities EOS Utility
"ESN Sonar-0.70.4" = ESN Sonar
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FileZilla Client" = FileZilla Client 3.5.3
"FileZilla Server" = FileZilla Server
"Fraps" = Fraps (remove only)
"HyperCam 3" = HyperCam 3
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"KORES Print Designer" = KORES Print Designer
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX Speed burnR D" = MAGIX Speed burnR
"Michas Jingle-Player" = Michas Jingle-Player
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.52
"Native Instruments Audio 2 DJ Driver" = Native Instruments Audio 2 DJ Driver
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"Native Instruments Traktor Kontrol S2 Driver" = Native Instruments Traktor Kontrol S2 Driver
"NBRTWizard" = Norton Bootable Recovery Tool Wizard
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PhotoScape" = PhotoScape
"PhotoStitch" = Canon Utilities PhotoStitch
"PunkBusterSvc" = PunkBuster Services
"Radio Toolbox" = Radio Toolbox
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Roxio PhotoShow" = Roxio PhotoShow
"SCDNAS" = SHOUTcast DNAS (remove only)
"SHOUTcast" = SHOUTcast DNAS Server v2
"Simfy" = simfy
"Steam App 400" = Portal
"Steam App 49520" = Borderlands 2
"Steam App 620" = Portal 2
"Steam App 91600" = Sanctum
"Steam App 96400" = Shoot Many Robots
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"USB_AUDIO_DEusb-audio.deBehringer2902" = BEHRINGER USB AUDIO DRIVER
"UseNeXT_is1" = UseNeXT
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"YU2010_is1" = Your Uninstaller! 2010
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.09.2012 10:44:07 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:45:13 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:45:16 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:45:26 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:47:03 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:47:05 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:50:46 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:51:25 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:51:27 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:51:33 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 28.09.2012 10:55:08 | Computer Name = Marc-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 25.09.2012 11:24:52 | Computer Name = Marc-PC | Source = NetBT | ID = 4321
Description = Der Name "MARC-PC :20" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.139 registriert werden. Der Computer mit IP-Adresse 192.168.2.102
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 25.09.2012 11:24:53 | Computer Name = Marc-PC | Source = NetBT | ID = 4321
Description = Der Name "MARC-PC :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.139 registriert werden. Der Computer mit IP-Adresse 192.168.2.102
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 28.09.2012 08:42:36 | Computer Name = Marc-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 28.09.2012 08:42:38 | Computer Name = Marc-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 28.09.2012 08:58:21 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 28.09.2012 09:23:31 | Computer Name = Marc-PC | Source = DCOM | ID = 10010
Description =
Error - 28.09.2012 09:38:44 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Hard Drive Watcher 12 erreicht.
Error - 28.09.2012 09:38:49 | Computer Name = Marc-PC | Source = NetBT | ID = 4321
Description = Der Name "MARC-PC :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.139 registriert werden. Der Computer mit IP-Adresse 192.168.2.102
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 28.09.2012 09:48:01 | Computer Name = Marc-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad:
C:\Windows\system32\athExt.dll Fehlercode: 126
Error - 28.09.2012 10:53:45 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Hard Drive Watcher 12 erreicht.
< End of report >
Mfg Marc |
|
28.09.2012, 17:08
| #5 |
| /// Malware-holic | Sobald ich einen Browser öffne wir mein Internet extrem langsam hi download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
28.09.2012, 18:10
| #6 |
| | Sobald ich einen Browser öffne wir mein Internet extrem langsamCode:
ATTFilter 19:08:06.0950 4872 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
19:08:07.0354 4872 ============================================================
19:08:07.0354 4872 Current date / time: 2012/09/28 19:08:07.0354
19:08:07.0354 4872 SystemInfo:
19:08:07.0354 4872
19:08:07.0354 4872 OS Version: 6.1.7601 ServicePack: 1.0
19:08:07.0354 4872 Product type: Workstation
19:08:07.0354 4872 ComputerName: MARC-PC
19:08:07.0354 4872 UserName: Marc
19:08:07.0354 4872 Windows directory: C:\Windows
19:08:07.0354 4872 System windows directory: C:\Windows
19:08:07.0354 4872 Running under WOW64
19:08:07.0354 4872 Processor architecture: Intel x64
19:08:07.0354 4872 Number of processors: 4
19:08:07.0354 4872 Page size: 0x1000
19:08:07.0354 4872 Boot type: Normal boot
19:08:07.0354 4872 ============================================================
19:08:08.0889 4872 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:08:08.0889 4872 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:08:08.0892 4872 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:08:08.0894 4872 ============================================================
19:08:08.0894 4872 \Device\Harddisk0\DR0:
19:08:08.0894 4872 MBR partitions:
19:08:08.0895 4872 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:08:08.0895 4872 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000
19:08:08.0895 4872 \Device\Harddisk1\DR1:
19:08:08.0895 4872 MBR partitions:
19:08:08.0895 4872 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7D000000
19:08:08.0895 4872 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x7D000800, BlocksNum 0x6BE07000
19:08:08.0895 4872 \Device\Harddisk2\DR2:
19:08:08.0895 4872 MBR partitions:
19:08:08.0895 4872 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:08:08.0895 4872 ============================================================
19:08:08.0913 4872 C: <-> \Device\Harddisk0\DR0\Partition2
19:08:08.0940 4872 K: <-> \Device\Harddisk2\DR2\Partition1
19:08:08.0955 4872 H: <-> \Device\Harddisk0\DR0\Partition1
19:08:09.0371 4872 E: <-> \Device\Harddisk1\DR1\Partition1
19:08:09.0440 4872 I: <-> \Device\Harddisk1\DR1\Partition2
19:08:09.0440 4872 ============================================================
19:08:09.0440 4872 Initialize success
19:08:09.0440 4872 ============================================================
19:08:26.0067 6300 ============================================================
19:08:26.0067 6300 Scan started
19:08:26.0067 6300 Mode: Manual; SigCheck; TDLFS;
19:08:26.0067 6300 ============================================================
19:08:26.0902 6300 ================ Scan system memory ========================
19:08:26.0902 6300 System memory - ok
19:08:26.0903 6300 ================ Scan services =============================
19:08:27.0032 6300 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:08:27.0096 6300 1394ohci - ok
19:08:27.0195 6300 [ A15069EEC83EBC54150564B2585CFDBA ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
19:08:27.0212 6300 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok
19:08:27.0241 6300 [ 3A935600DADB122887B0BD3BCEB0247D ] a2djavs C:\Windows\system32\Drivers\a2djavs.sys
19:08:27.0252 6300 a2djavs - ok
19:08:27.0316 6300 [ BDED0E1B0A0B5D53B8E174B57545FC75 ] a2djavs_x64 C:\Windows\system32\Drivers\a2djavs_x64.sys
19:08:27.0323 6300 a2djavs_x64 - ok
19:08:27.0378 6300 [ B5821079E99C9420AC78F60D536A9F1F ] a2djusb_svc C:\Windows\system32\Drivers\a2djusb.sys
19:08:27.0385 6300 a2djusb_svc - ok
19:08:27.0423 6300 [ C515FAFDE87046D2EF465CDA999DB38F ] a2djusb_x64 C:\Windows\system32\Drivers\a2djusb_x64.sys
19:08:27.0433 6300 a2djusb_x64 - ok
19:08:27.0452 6300 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:08:27.0464 6300 ACPI - ok
19:08:27.0507 6300 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:08:27.0573 6300 AcpiPmi - ok
19:08:27.0672 6300 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:08:27.0680 6300 AdobeARMservice - ok
19:08:27.0811 6300 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:08:27.0820 6300 AdobeFlashPlayerUpdateSvc - ok
19:08:27.0858 6300 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:08:27.0873 6300 adp94xx - ok
19:08:27.0911 6300 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:08:27.0923 6300 adpahci - ok
19:08:27.0954 6300 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:08:27.0964 6300 adpu320 - ok
19:08:27.0980 6300 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:08:28.0089 6300 AeLookupSvc - ok
19:08:28.0132 6300 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:08:28.0181 6300 AFD - ok
19:08:28.0218 6300 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:08:28.0226 6300 agp440 - ok
19:08:28.0234 6300 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:08:28.0256 6300 ALG - ok
19:08:28.0266 6300 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:08:28.0273 6300 aliide - ok
19:08:28.0284 6300 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:08:28.0291 6300 amdide - ok
19:08:28.0311 6300 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:08:28.0330 6300 AmdK8 - ok
19:08:28.0342 6300 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:08:28.0372 6300 AmdPPM - ok
19:08:28.0405 6300 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:08:28.0414 6300 amdsata - ok
19:08:28.0439 6300 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:08:28.0449 6300 amdsbs - ok
19:08:28.0462 6300 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:08:28.0470 6300 amdxata - ok
19:08:28.0488 6300 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
19:08:28.0503 6300 androidusb - ok
19:08:28.0532 6300 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:08:28.0635 6300 AppID - ok
19:08:28.0660 6300 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:08:28.0700 6300 AppIDSvc - ok
19:08:28.0736 6300 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:08:28.0775 6300 Appinfo - ok
19:08:28.0851 6300 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:08:28.0858 6300 Apple Mobile Device - ok
19:08:28.0909 6300 [ 6BE11AD81D4527D299F0CB5F3731AABC ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
19:08:28.0916 6300 AppleCharger - ok
19:08:28.0957 6300 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
19:08:28.0965 6300 AppleChargerSrv - ok
19:08:29.0013 6300 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:08:29.0040 6300 AppMgmt - ok
19:08:29.0087 6300 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:08:29.0096 6300 arc - ok
19:08:29.0110 6300 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:08:29.0119 6300 arcsas - ok
19:08:29.0228 6300 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:08:29.0236 6300 aspnet_state - ok
19:08:29.0257 6300 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:08:29.0293 6300 AsyncMac - ok
19:08:29.0325 6300 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:08:29.0333 6300 atapi - ok
19:08:29.0394 6300 [ 7D89B0C443F6068E5B27AA3B972069FF ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:08:29.0435 6300 athr - ok
19:08:29.0490 6300 [ 36322190763845975E0D001E90687BF2 ] athur C:\Windows\system32\DRIVERS\athurx.sys
19:08:29.0530 6300 athur - ok
19:08:29.0563 6300 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
19:08:29.0572 6300 atksgt - ok
19:08:29.0599 6300 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:08:29.0650 6300 AudioEndpointBuilder - ok
19:08:29.0697 6300 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:08:29.0726 6300 AudioSrv - ok
19:08:29.0740 6300 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:08:29.0794 6300 AxInstSV - ok
19:08:29.0836 6300 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:08:29.0867 6300 b06bdrv - ok
19:08:29.0920 6300 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:08:29.0956 6300 b57nd60a - ok
19:08:30.0035 6300 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:08:30.0150 6300 BDESVC - ok
19:08:30.0164 6300 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:08:30.0197 6300 Beep - ok
19:08:30.0233 6300 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:08:30.0276 6300 BFE - ok
19:08:30.0449 6300 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120919.001\BHDrvx64.sys
19:08:30.0475 6300 BHDrvx64 - ok
19:08:30.0507 6300 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:08:30.0553 6300 BITS - ok
19:08:30.0579 6300 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:08:30.0607 6300 blbdrive - ok
19:08:30.0667 6300 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:08:30.0680 6300 Bonjour Service - ok
19:08:30.0694 6300 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:08:30.0733 6300 bowser - ok
19:08:30.0747 6300 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:08:30.0772 6300 BrFiltLo - ok
19:08:30.0788 6300 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:08:30.0817 6300 BrFiltUp - ok
19:08:30.0848 6300 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:08:30.0864 6300 Browser - ok
19:08:30.0887 6300 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:08:30.0911 6300 Brserid - ok
19:08:30.0935 6300 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:08:30.0952 6300 BrSerWdm - ok
19:08:30.0958 6300 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:08:30.0969 6300 BrUsbMdm - ok
19:08:30.0979 6300 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:08:30.0988 6300 BrUsbSer - ok
19:08:30.0996 6300 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:08:31.0020 6300 BTHMODEM - ok
19:08:31.0053 6300 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:08:31.0080 6300 bthserv - ok
19:08:31.0189 6300 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys
19:08:31.0199 6300 ccSet_NIS - ok
19:08:31.0247 6300 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:08:31.0279 6300 cdfs - ok
19:08:31.0307 6300 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:08:31.0331 6300 cdrom - ok
19:08:31.0343 6300 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:08:31.0378 6300 CertPropSvc - ok
19:08:31.0384 6300 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:08:31.0396 6300 circlass - ok
19:08:31.0413 6300 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:08:31.0426 6300 CLFS - ok
19:08:31.0466 6300 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:08:31.0473 6300 clr_optimization_v2.0.50727_32 - ok
19:08:31.0510 6300 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:08:31.0518 6300 clr_optimization_v2.0.50727_64 - ok
19:08:31.0595 6300 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:08:31.0603 6300 clr_optimization_v4.0.30319_32 - ok
19:08:31.0644 6300 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:08:31.0651 6300 clr_optimization_v4.0.30319_64 - ok
19:08:31.0688 6300 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:08:31.0709 6300 CmBatt - ok
19:08:31.0718 6300 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:08:31.0726 6300 cmdide - ok
19:08:31.0767 6300 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:08:31.0786 6300 CNG - ok
19:08:31.0800 6300 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:08:31.0808 6300 Compbatt - ok
19:08:31.0824 6300 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:08:31.0852 6300 CompositeBus - ok
19:08:31.0854 6300 COMSysApp - ok
19:08:31.0868 6300 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:08:31.0876 6300 crcdisk - ok
19:08:31.0904 6300 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:08:31.0944 6300 CryptSvc - ok
19:08:31.0974 6300 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
19:08:32.0016 6300 CSC - ok
19:08:32.0036 6300 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
19:08:32.0058 6300 CscService - ok
19:08:32.0104 6300 [ 1CA90212A99DB6975C344826D11055C9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
19:08:32.0111 6300 dc3d - ok
19:08:32.0131 6300 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:08:32.0161 6300 DcomLaunch - ok
19:08:32.0198 6300 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:08:32.0229 6300 defragsvc - ok
19:08:32.0323 6300 [ FDC0C5ADDE1CDE6EDB0BEF78F0699AF3 ] DES2 Service C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
19:08:32.0330 6300 DES2 Service - ok
19:08:32.0342 6300 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:08:32.0368 6300 DfsC - ok
19:08:32.0398 6300 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
19:08:32.0406 6300 dg_ssudbus - ok
19:08:32.0437 6300 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:08:32.0476 6300 Dhcp - ok
19:08:32.0507 6300 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:08:32.0532 6300 discache - ok
19:08:32.0589 6300 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:08:32.0597 6300 Disk - ok
19:08:32.0628 6300 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
19:08:32.0648 6300 dmvsc - ok
19:08:32.0657 6300 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:08:32.0677 6300 Dnscache - ok
19:08:32.0690 6300 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:08:32.0717 6300 dot3svc - ok
19:08:32.0728 6300 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:08:32.0766 6300 DPS - ok
19:08:32.0804 6300 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:08:32.0815 6300 drmkaud - ok
19:08:32.0844 6300 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:08:32.0854 6300 dtsoftbus01 - ok
19:08:32.0875 6300 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:08:32.0896 6300 DXGKrnl - ok
19:08:32.0914 6300 EagleX64 - ok
19:08:32.0930 6300 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:08:32.0957 6300 EapHost - ok
19:08:33.0003 6300 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:08:33.0066 6300 ebdrv - ok
19:08:33.0113 6300 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:08:33.0127 6300 eeCtrl - ok
19:08:33.0149 6300 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:08:33.0173 6300 EFS - ok
19:08:33.0214 6300 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:08:33.0241 6300 ehRecvr - ok
19:08:33.0252 6300 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:08:33.0274 6300 ehSched - ok
19:08:33.0297 6300 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:08:33.0312 6300 elxstor - ok
19:08:33.0392 6300 [ B5581646636759D0DAFA8B008881C079 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
19:08:33.0412 6300 EPSON_EB_RPCV4_01 - ok
19:08:33.0440 6300 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
19:08:33.0448 6300 EPSON_PM_RPCV4_01 - ok
19:08:33.0525 6300 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:08:33.0536 6300 EraserUtilRebootDrv - ok
19:08:33.0549 6300 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:08:33.0558 6300 ErrDev - ok
19:08:33.0594 6300 [ 84486624268E078255BC7AA47F0960BC ] etdrv C:\Windows\etdrv.sys
19:08:33.0601 6300 etdrv - ok
19:08:33.0638 6300 [ 3663291D0D26001A2BB67678AB61D14C ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
19:08:33.0667 6300 EtronHub3 - ok
19:08:33.0698 6300 [ 744420D6C062C38F7361870F010D6D4B ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
19:08:33.0718 6300 EtronXHCI - ok
19:08:33.0747 6300 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:08:33.0781 6300 EventSystem - ok
19:08:33.0832 6300 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:08:33.0869 6300 exfat - ok
19:08:33.0906 6300 Fabs - ok
19:08:33.0935 6300 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:08:33.0968 6300 fastfat - ok
19:08:33.0990 6300 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:08:34.0006 6300 Fax - ok
19:08:34.0013 6300 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:08:34.0023 6300 fdc - ok
19:08:34.0034 6300 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:08:34.0078 6300 fdPHost - ok
19:08:34.0092 6300 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:08:34.0126 6300 FDResPub - ok
19:08:34.0139 6300 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:08:34.0147 6300 FileInfo - ok
19:08:34.0157 6300 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:08:34.0182 6300 Filetrace - ok
19:08:34.0239 6300 [ C623057D3905323F760A8B3C8523C072 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
19:08:34.0250 6300 FileZilla Server ( UnsignedFile.Multi.Generic ) - warning
19:08:34.0250 6300 FileZilla Server - detected UnsignedFile.Multi.Generic (1)
19:08:34.0310 6300 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:08:34.0383 6300 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
19:08:34.0383 6300 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
19:08:34.0401 6300 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:08:34.0426 6300 flpydisk - ok
19:08:34.0448 6300 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:08:34.0460 6300 FltMgr - ok
19:08:34.0491 6300 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:08:34.0527 6300 FontCache - ok
19:08:34.0572 6300 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:08:34.0579 6300 FontCache3.0.0.0 - ok
19:08:34.0587 6300 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:08:34.0595 6300 FsDepends - ok
19:08:34.0616 6300 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:08:34.0624 6300 Fs_Rec - ok
19:08:34.0646 6300 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:08:34.0660 6300 fvevol - ok
19:08:34.0698 6300 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:08:34.0707 6300 gagp30kx - ok
19:08:34.0734 6300 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys
19:08:34.0740 6300 gdrv - ok
19:08:34.0763 6300 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:08:34.0769 6300 GEARAspiWDM - ok
19:08:34.0837 6300 [ 2DDD5CBB203C3C3FD6F74979EBD8CC92 ] GEST Service C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
19:08:34.0844 6300 GEST Service - ok
19:08:34.0863 6300 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:08:34.0896 6300 gpsvc - ok
19:08:34.0944 6300 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:08:34.0951 6300 gupdate - ok
19:08:34.0965 6300 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:08:34.0972 6300 gupdatem - ok
19:08:34.0988 6300 [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64 C:\Windows\GVTDrv64.sys
19:08:34.0996 6300 GVTDrv64 - ok
19:08:35.0030 6300 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:08:35.0037 6300 hamachi - ok
19:08:35.0137 6300 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:08:35.0181 6300 Hamachi2Svc - ok
19:08:35.0216 6300 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:08:35.0244 6300 hcw85cir - ok
19:08:35.0326 6300 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:08:35.0378 6300 HdAudAddService - ok
19:08:35.0421 6300 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:08:35.0534 6300 HDAudBus - ok
19:08:35.0578 6300 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:08:35.0597 6300 HidBatt - ok
19:08:35.0610 6300 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:08:35.0622 6300 HidBth - ok
19:08:35.0631 6300 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:08:35.0654 6300 HidIr - ok
19:08:35.0677 6300 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:08:35.0712 6300 hidserv - ok
19:08:35.0734 6300 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:08:35.0743 6300 HidUsb - ok
19:08:35.0764 6300 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:08:35.0795 6300 hkmsvc - ok
19:08:35.0810 6300 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:08:35.0820 6300 HomeGroupListener - ok
19:08:35.0828 6300 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:08:35.0838 6300 HomeGroupProvider - ok
19:08:35.0862 6300 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:08:35.0870 6300 HpSAMD - ok
19:08:35.0892 6300 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:08:35.0926 6300 HTTP - ok
19:08:35.0933 6300 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:08:35.0941 6300 hwpolicy - ok
19:08:35.0950 6300 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:08:35.0972 6300 i8042prt - ok
19:08:36.0009 6300 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:08:36.0022 6300 iaStorV - ok
19:08:36.0085 6300 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:08:36.0094 6300 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:08:36.0094 6300 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:08:36.0125 6300 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:08:36.0143 6300 idsvc - ok
19:08:36.0208 6300 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120927.001\IDSvia64.sys
19:08:36.0222 6300 IDSVia64 - ok
19:08:36.0234 6300 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:08:36.0243 6300 iirsp - ok
19:08:36.0267 6300 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:08:36.0309 6300 IKEEXT - ok
19:08:36.0388 6300 [ A5F7CEF8A939EBE270462EDEFD629F20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:08:36.0466 6300 IntcAzAudAddService - ok
19:08:36.0482 6300 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:08:36.0490 6300 intelide - ok
19:08:36.0503 6300 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:08:36.0522 6300 intelppm - ok
19:08:36.0542 6300 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:08:36.0581 6300 IPBusEnum - ok
19:08:36.0616 6300 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:08:36.0646 6300 IpFilterDriver - ok
19:08:36.0662 6300 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:08:36.0693 6300 iphlpsvc - ok
19:08:36.0705 6300 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:08:36.0721 6300 IPMIDRV - ok
19:08:36.0732 6300 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:08:36.0769 6300 IPNAT - ok
19:08:36.0849 6300 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:08:36.0868 6300 iPod Service - ok
19:08:36.0896 6300 [ 02DEF37AB75E0032C50724646F708DE8 ] iPodDrv C:\Windows\system32\drivers\iPodDrv.sys
19:08:36.0904 6300 iPodDrv - ok
19:08:36.0922 6300 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:08:36.0948 6300 IRENUM - ok
19:08:36.0963 6300 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:08:36.0971 6300 isapnp - ok
19:08:37.0001 6300 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:08:37.0012 6300 iScsiPrt - ok
19:08:37.0029 6300 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:08:37.0038 6300 kbdclass - ok
19:08:37.0054 6300 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:08:37.0064 6300 kbdhid - ok
19:08:37.0074 6300 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:08:37.0083 6300 KeyIso - ok
19:08:37.0103 6300 [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys
19:08:37.0110 6300 KMWDFILTER - ok
19:08:37.0163 6300 [ 21153127E50EAAEEEB6282B3D17FBCDF ] ks2avs C:\Windows\system32\Drivers\ks2avs.sys
19:08:37.0173 6300 ks2avs - ok
19:08:37.0200 6300 [ 5DA41A519DFF55EF3A969577E18119E0 ] ks2usb_svc C:\Windows\system32\Drivers\ks2usb.sys
19:08:37.0208 6300 ks2usb_svc - ok
19:08:37.0234 6300 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:08:37.0243 6300 KSecDD - ok
19:08:37.0256 6300 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:08:37.0266 6300 KSecPkg - ok
19:08:37.0293 6300 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:08:37.0318 6300 ksthunk - ok
19:08:37.0341 6300 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:08:37.0382 6300 KtmRm - ok
19:08:37.0404 6300 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:08:37.0446 6300 LanmanServer - ok
19:08:37.0472 6300 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:08:37.0499 6300 LanmanWorkstation - ok
19:08:37.0521 6300 [ 955982BF4421B77722196552B62E8DC2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
19:08:37.0529 6300 lirsgt - ok
19:08:37.0549 6300 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:08:37.0593 6300 lltdio - ok
19:08:37.0644 6300 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:08:37.0673 6300 lltdsvc - ok
19:08:37.0681 6300 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:08:37.0707 6300 lmhosts - ok
19:08:37.0725 6300 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:08:37.0734 6300 LSI_FC - ok
19:08:37.0747 6300 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:08:37.0755 6300 LSI_SAS - ok
19:08:37.0764 6300 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:08:37.0773 6300 LSI_SAS2 - ok
19:08:37.0809 6300 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:08:37.0818 6300 LSI_SCSI - ok
19:08:37.0836 6300 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:08:37.0863 6300 luafv - ok
19:08:37.0899 6300 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:08:37.0912 6300 LVRS64 - ok
19:08:37.0994 6300 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
19:08:38.0093 6300 LVUVC64 - ok
19:08:38.0141 6300 [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
19:08:38.0149 6300 ManyCam - ok
19:08:38.0171 6300 [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
19:08:38.0192 6300 mcaudrv_simple - ok
19:08:38.0216 6300 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:08:38.0232 6300 Mcx2Svc - ok
19:08:38.0266 6300 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:08:38.0274 6300 megasas - ok
19:08:38.0290 6300 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:08:38.0301 6300 MegaSR - ok
19:08:38.0331 6300 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:08:38.0339 6300 MEIx64 - ok
19:08:38.0390 6300 Microsoft SharePoint Workspace Audit Service - ok
19:08:38.0402 6300 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:08:38.0429 6300 MMCSS - ok
19:08:38.0455 6300 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:08:38.0491 6300 Modem - ok
19:08:38.0526 6300 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:08:38.0548 6300 monitor - ok
19:08:38.0567 6300 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:08:38.0576 6300 mouclass - ok
19:08:38.0592 6300 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:08:38.0617 6300 mouhid - ok
19:08:38.0667 6300 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:08:38.0676 6300 mountmgr - ok
19:08:38.0742 6300 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:08:38.0750 6300 MozillaMaintenance - ok
19:08:38.0767 6300 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:08:38.0777 6300 mpio - ok
19:08:38.0788 6300 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:08:38.0813 6300 mpsdrv - ok
19:08:38.0861 6300 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:08:38.0894 6300 MpsSvc - ok
19:08:38.0903 6300 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:08:38.0918 6300 MRxDAV - ok
19:08:38.0930 6300 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:08:38.0952 6300 mrxsmb - ok
19:08:38.0986 6300 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:08:38.0998 6300 mrxsmb10 - ok
19:08:39.0008 6300 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:08:39.0030 6300 mrxsmb20 - ok
19:08:39.0040 6300 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:08:39.0048 6300 msahci - ok
19:08:39.0078 6300 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
19:08:39.0087 6300 MSCamSvc - ok
19:08:39.0107 6300 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:08:39.0116 6300 msdsm - ok
19:08:39.0124 6300 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:08:39.0136 6300 MSDTC - ok
19:08:39.0151 6300 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:08:39.0183 6300 Msfs - ok
19:08:39.0200 6300 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:08:39.0225 6300 mshidkmdf - ok
19:08:39.0229 6300 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:08:39.0237 6300 msisadrv - ok
19:08:39.0257 6300 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:08:39.0291 6300 MSiSCSI - ok
19:08:39.0293 6300 msiserver - ok
19:08:39.0312 6300 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:08:39.0338 6300 MSKSSRV - ok
19:08:39.0354 6300 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:08:39.0381 6300 MSPCLOCK - ok
19:08:39.0390 6300 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:08:39.0426 6300 MSPQM - ok
19:08:39.0439 6300 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:08:39.0452 6300 MsRPC - ok
19:08:39.0455 6300 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:08:39.0463 6300 mssmbios - ok
19:08:39.0491 6300 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:08:39.0516 6300 MSTEE - ok
19:08:39.0523 6300 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:08:39.0532 6300 MTConfig - ok
19:08:39.0557 6300 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:08:39.0566 6300 Mup - ok
19:08:39.0586 6300 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:08:39.0631 6300 napagent - ok
19:08:39.0680 6300 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:08:39.0704 6300 NativeWifiP - ok
19:08:39.0766 6300 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120927.034\ENG64.SYS
19:08:39.0774 6300 NAVENG - ok
19:08:39.0811 6300 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120927.034\EX64.SYS
19:08:39.0872 6300 NAVEX15 - ok
19:08:39.0930 6300 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:08:39.0951 6300 NDIS - ok
19:08:39.0982 6300 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:08:40.0018 6300 NdisCap - ok
19:08:40.0038 6300 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:08:40.0064 6300 NdisTapi - ok
19:08:40.0072 6300 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:08:40.0097 6300 Ndisuio - ok
19:08:40.0105 6300 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:08:40.0153 6300 NdisWan - ok
19:08:40.0191 6300 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:08:40.0215 6300 NDProxy - ok
19:08:40.0240 6300 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:08:40.0265 6300 NetBIOS - ok
19:08:40.0291 6300 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:08:40.0325 6300 NetBT - ok
19:08:40.0341 6300 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:08:40.0350 6300 Netlogon - ok
19:08:40.0371 6300 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:08:40.0411 6300 Netman - ok
19:08:40.0448 6300 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:40.0456 6300 NetMsmqActivator - ok
19:08:40.0473 6300 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:40.0480 6300 NetPipeActivator - ok
19:08:40.0496 6300 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:08:40.0526 6300 netprofm - ok
19:08:40.0531 6300 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:40.0538 6300 NetTcpActivator - ok
19:08:40.0540 6300 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:40.0548 6300 NetTcpPortSharing - ok
19:08:40.0597 6300 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:08:40.0627 6300 nfrd960 - ok
19:08:40.0797 6300 [ 93F304DEB07095BCF33BD1C17C2DB2A7 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
19:08:40.0947 6300 NIHardwareService - ok
19:08:41.0090 6300 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
19:08:41.0099 6300 NIS - ok
19:08:41.0120 6300 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:08:41.0154 6300 NlaSvc - ok
19:08:41.0166 6300 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:08:41.0191 6300 Npfs - ok
19:08:41.0197 6300 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:08:41.0240 6300 nsi - ok
19:08:41.0254 6300 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:08:41.0279 6300 nsiproxy - ok
19:08:41.0316 6300 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:08:41.0353 6300 Ntfs - ok
19:08:41.0359 6300 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:08:41.0396 6300 Null - ok
19:08:41.0438 6300 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:08:41.0448 6300 NVHDA - ok
19:08:41.0645 6300 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:08:41.0926 6300 nvlddmkm - ok
19:08:41.0952 6300 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:08:41.0962 6300 nvraid - ok
19:08:41.0972 6300 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:08:41.0982 6300 nvstor - ok
19:08:42.0025 6300 [ 43F91595049DE14C4B61D1E76436164F ] NVSvc C:\Windows\system32\nvvsvc.exe
19:08:42.0041 6300 NVSvc - ok
19:08:42.0125 6300 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:08:42.0150 6300 nvUpdatusService - ok
19:08:42.0189 6300 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:08:42.0198 6300 nv_agp - ok
19:08:42.0232 6300 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:08:42.0249 6300 ohci1394 - ok
19:08:42.0282 6300 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:08:42.0290 6300 ose64 - ok
19:08:42.0431 6300 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:08:42.0548 6300 osppsvc - ok
19:08:42.0680 6300 [ 01B14F4D64BC70E93734211C3D324099 ] OverwolfUpdaterService C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
19:08:42.0687 6300 OverwolfUpdaterService - ok
19:08:42.0712 6300 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:08:42.0735 6300 p2pimsvc - ok
19:08:42.0764 6300 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:08:42.0789 6300 p2psvc - ok
19:08:42.0801 6300 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:08:42.0811 6300 Parport - ok
19:08:42.0837 6300 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:08:42.0846 6300 partmgr - ok
19:08:42.0862 6300 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:08:42.0883 6300 PcaSvc - ok
19:08:42.0893 6300 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:08:42.0903 6300 pci - ok
19:08:42.0927 6300 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:08:42.0935 6300 pciide - ok
19:08:42.0965 6300 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:08:42.0976 6300 pcmcia - ok
19:08:42.0986 6300 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:08:42.0994 6300 pcw - ok
19:08:43.0007 6300 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:08:43.0039 6300 PEAUTH - ok
19:08:43.0087 6300 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:08:43.0124 6300 PeerDistSvc - ok
19:08:43.0201 6300 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:08:43.0218 6300 PerfHost - ok
19:08:43.0269 6300 [ FE9E913758C770CC6E88D9B8C95D0AD4 ] phc710 C:\Windows\system32\DRIVERS\phc710.sys
19:08:43.0320 6300 phc710 - ok
19:08:43.0360 6300 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:08:43.0421 6300 pla - ok
19:08:43.0451 6300 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:08:43.0464 6300 PlugPlay - ok
19:08:43.0483 6300 PnkBstrA - ok
19:08:43.0494 6300 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:08:43.0523 6300 PNRPAutoReg - ok
19:08:43.0549 6300 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:08:43.0560 6300 PNRPsvc - ok
19:08:43.0571 6300 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
19:08:43.0577 6300 Point64 - ok
19:08:43.0600 6300 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:08:43.0639 6300 PolicyAgent - ok
19:08:43.0673 6300 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:08:43.0700 6300 Power - ok
19:08:43.0729 6300 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:08:43.0767 6300 PptpMiniport - ok
19:08:43.0799 6300 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:08:43.0824 6300 Processor - ok
19:08:43.0851 6300 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:08:43.0862 6300 ProfSvc - ok
19:08:43.0866 6300 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:08:43.0875 6300 ProtectedStorage - ok
19:08:43.0911 6300 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:08:43.0937 6300 Psched - ok
19:08:43.0968 6300 [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:08:43.0976 6300 PxHlpa64 - ok
19:08:44.0020 6300 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:08:44.0049 6300 ql2300 - ok
19:08:44.0063 6300 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:08:44.0073 6300 ql40xx - ok
19:08:44.0091 6300 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:08:44.0106 6300 QWAVE - ok
19:08:44.0114 6300 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:08:44.0127 6300 QWAVEdrv - ok
19:08:44.0151 6300 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:08:44.0180 6300 RasAcd - ok
19:08:44.0226 6300 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:08:44.0259 6300 RasAgileVpn - ok
19:08:44.0271 6300 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:08:44.0297 6300 RasAuto - ok
19:08:44.0303 6300 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:08:44.0342 6300 Rasl2tp - ok
19:08:44.0365 6300 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:08:44.0410 6300 RasMan - ok
19:08:44.0433 6300 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:08:44.0464 6300 RasPppoe - ok
19:08:44.0472 6300 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:08:44.0507 6300 RasSstp - ok
19:08:44.0518 6300 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:08:44.0551 6300 rdbss - ok
19:08:44.0574 6300 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:08:44.0585 6300 rdpbus - ok
19:08:44.0613 6300 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:08:44.0648 6300 RDPCDD - ok
19:08:44.0674 6300 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:08:44.0701 6300 RDPDR - ok
19:08:44.0715 6300 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:08:44.0740 6300 RDPENCDD - ok
19:08:44.0753 6300 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:08:44.0792 6300 RDPREFMP - ok
19:08:44.0821 6300 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:08:44.0840 6300 RdpVideoMiniport - ok
19:08:44.0860 6300 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:08:44.0870 6300 RDPWD - ok
19:08:44.0879 6300 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:08:44.0889 6300 rdyboost - ok
19:08:44.0909 6300 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:08:44.0935 6300 RemoteAccess - ok
19:08:44.0950 6300 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:08:44.0984 6300 RemoteRegistry - ok
19:08:45.0103 6300 [ FF578453D3B3ADAAB22D7151D7F9E592 ] RoxMediaDB12 C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe
19:08:45.0125 6300 RoxMediaDB12 - ok
19:08:45.0158 6300 [ 71B38B8DF1A9B55FC0FB64958CC7B9DD ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe
19:08:45.0168 6300 RoxWatch12 - ok
19:08:45.0171 6300 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:08:45.0197 6300 RpcEptMapper - ok
19:08:45.0215 6300 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:08:45.0224 6300 RpcLocator - ok
19:08:45.0239 6300 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:08:45.0268 6300 RpcSs - ok
19:08:45.0302 6300 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:08:45.0339 6300 rspndr - ok
19:08:45.0381 6300 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:08:45.0395 6300 RTL8167 - ok
19:08:45.0430 6300 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:08:45.0438 6300 s3cap - ok
19:08:45.0472 6300 [ 27DB9153D259D632D15483DEEAB799ED ] Sahdad64 C:\Windows\system32\Drivers\Sahdad64.sys
19:08:45.0479 6300 Sahdad64 - ok
19:08:45.0484 6300 [ F77849D909B90BCACFCF7295AECF299B ] Saibad64 C:\Windows\system32\Drivers\Saibad64.sys
19:08:45.0491 6300 Saibad64 - ok
19:08:45.0505 6300 [ 704D415290A568F68DE20942DAC23F7E ] SaibVdAd64 C:\Windows\system32\Drivers\SaibVdAd64.sys
19:08:45.0512 6300 SaibVdAd64 - ok
19:08:45.0524 6300 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:08:45.0533 6300 SamSs - ok
19:08:45.0545 6300 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:08:45.0554 6300 sbp2port - ok
19:08:45.0566 6300 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:08:45.0605 6300 SCardSvr - ok
19:08:45.0640 6300 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:08:45.0679 6300 scfilter - ok
19:08:45.0710 6300 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:08:45.0763 6300 Schedule - ok
19:08:45.0790 6300 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:08:45.0815 6300 SCPolicySvc - ok
19:08:45.0821 6300 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:08:45.0849 6300 SDRSVC - ok
19:08:45.0895 6300 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:08:45.0920 6300 secdrv - ok
19:08:45.0925 6300 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:08:45.0950 6300 seclogon - ok
19:08:45.0956 6300 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:08:45.0982 6300 SENS - ok
19:08:45.0989 6300 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:08:46.0003 6300 SensrSvc - ok
19:08:46.0015 6300 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:08:46.0035 6300 Serenum - ok
19:08:46.0046 6300 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:08:46.0069 6300 Serial - ok
19:08:46.0092 6300 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:08:46.0107 6300 sermouse - ok
19:08:46.0124 6300 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:08:46.0151 6300 SessionEnv - ok
19:08:46.0185 6300 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:08:46.0196 6300 sffdisk - ok
19:08:46.0201 6300 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:08:46.0212 6300 sffp_mmc - ok
19:08:46.0221 6300 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:08:46.0231 6300 sffp_sd - ok
19:08:46.0260 6300 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:08:46.0269 6300 sfloppy - ok
19:08:46.0298 6300 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:08:46.0327 6300 SharedAccess - ok
19:08:46.0342 6300 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:08:46.0371 6300 ShellHWDetection - ok
19:08:46.0386 6300 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:08:46.0394 6300 SiSRaid2 - ok
19:08:46.0404 6300 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:08:46.0413 6300 SiSRaid4 - ok
19:08:46.0491 6300 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:08:46.0499 6300 SkypeUpdate - ok
19:08:46.0588 6300 [ 101556F6216E97F1258D87C38203695F ] Smart TimeLock C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
19:08:46.0607 6300 Smart TimeLock ( UnsignedFile.Multi.Generic ) - warning
19:08:46.0607 6300 Smart TimeLock - detected UnsignedFile.Multi.Generic (1)
19:08:46.0624 6300 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:08:46.0656 6300 Smb - ok
19:08:46.0696 6300 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:08:46.0713 6300 SNMPTRAP - ok
19:08:46.0891 6300 [ BE35CC81081328B1CFB2A5AB5CF0CE33 ] SNP325 C:\Windows\system32\DRIVERS\snp325.sys
19:08:47.0080 6300 SNP325 - ok
19:08:47.0102 6300 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:08:47.0110 6300 spldr - ok
19:08:47.0128 6300 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:08:47.0154 6300 Spooler - ok
19:08:47.0209 6300 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:08:47.0309 6300 sppsvc - ok
19:08:47.0326 6300 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:08:47.0352 6300 sppuinotify - ok
19:08:47.0433 6300 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1308000.00E\SRTSP64.SYS
19:08:47.0450 6300 SRTSP - ok
19:08:47.0471 6300 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1308000.00E\SRTSPX64.SYS
19:08:47.0477 6300 SRTSPX - ok
19:08:47.0515 6300 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:08:47.0552 6300 srv - ok
19:08:47.0564 6300 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:08:47.0586 6300 srv2 - ok
19:08:47.0601 6300 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:08:47.0611 6300 srvnet - ok
19:08:47.0639 6300 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
19:08:47.0650 6300 ssadbus - ok
19:08:47.0661 6300 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
19:08:47.0671 6300 ssadmdfl - ok
19:08:47.0686 6300 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
19:08:47.0703 6300 ssadmdm - ok
19:08:47.0730 6300 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
19:08:47.0739 6300 sscdbus - ok
19:08:47.0751 6300 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
19:08:47.0758 6300 sscdmdfl - ok
19:08:47.0771 6300 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
19:08:47.0780 6300 sscdmdm - ok
19:08:47.0805 6300 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:08:47.0832 6300 SSDPSRV - ok
19:08:47.0865 6300 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:08:47.0891 6300 SstpSvc - ok
19:08:47.0929 6300 [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
19:08:47.0938 6300 ssudmdm - ok
19:08:47.0971 6300 [ D4B75B0A46F7BF74E13F1493E7721786 ] ssudobex C:\Windows\system32\DRIVERS\ssudobex.sys
19:08:47.0981 6300 ssudobex - ok
19:08:47.0992 6300 Steam Client Service - ok
19:08:48.0117 6300 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:08:48.0128 6300 Stereo Service - ok
19:08:48.0164 6300 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:08:48.0172 6300 stexstor - ok
19:08:48.0201 6300 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:08:48.0226 6300 stisvc - ok
19:08:48.0254 6300 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:08:48.0263 6300 storflt - ok
19:08:48.0299 6300 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:08:48.0307 6300 storvsc - ok
19:08:48.0320 6300 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:08:48.0328 6300 swenum - ok
19:08:48.0398 6300 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:08:48.0410 6300 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
19:08:48.0410 6300 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
19:08:48.0423 6300 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:08:48.0455 6300 swprv - ok
19:08:48.0486 6300 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS
19:08:48.0499 6300 SymDS - ok
19:08:48.0527 6300 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS
19:08:48.0551 6300 SymEFA - ok
19:08:48.0603 6300 [ 894579207E39C465737E850A252CE4F2 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:08:48.0612 6300 SymEvent - ok
19:08:48.0630 6300 [ B681D1B0F9596684225DCC9B94C6BACF ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys
19:08:48.0637 6300 SymIM - ok
19:08:48.0662 6300 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS
19:08:48.0671 6300 SymIRON - ok
19:08:48.0677 6300 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS
19:08:48.0689 6300 SymNetS - ok
19:08:48.0720 6300 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
19:08:48.0729 6300 Synth3dVsc - ok
19:08:48.0758 6300 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:08:48.0797 6300 SysMain - ok
19:08:48.0810 6300 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:08:48.0824 6300 TabletInputService - ok
19:08:48.0839 6300 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:08:48.0875 6300 TapiSrv - ok
19:08:48.0886 6300 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:08:48.0929 6300 TBS - ok
19:08:48.0981 6300 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:08:49.0022 6300 Tcpip - ok
19:08:49.0050 6300 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:08:49.0078 6300 TCPIP6 - ok
19:08:49.0115 6300 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:08:49.0140 6300 tcpipreg - ok
19:08:49.0149 6300 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:08:49.0158 6300 TDPIPE - ok
19:08:49.0171 6300 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:08:49.0200 6300 TDTCP - ok
19:08:49.0222 6300 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:08:49.0279 6300 tdx - ok
19:08:49.0460 6300 [ 9C1F776825207C203CB44CA3C63B5A6E ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
19:08:49.0517 6300 TeamViewer7 - ok
19:08:49.0531 6300 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:08:49.0543 6300 TermDD - ok
19:08:49.0571 6300 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
19:08:49.0591 6300 terminpt - ok
19:08:49.0616 6300 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:08:49.0648 6300 TermService - ok
19:08:49.0672 6300 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:08:49.0685 6300 Themes - ok
19:08:49.0697 6300 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:08:49.0722 6300 THREADORDER - ok
19:08:49.0732 6300 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:08:49.0769 6300 TrkWks - ok
19:08:49.0787 6300 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:08:49.0825 6300 TrustedInstaller - ok
19:08:49.0837 6300 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:08:49.0862 6300 tssecsrv - ok
19:08:49.0881 6300 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:08:49.0897 6300 TsUsbFlt - ok
19:08:49.0905 6300 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:08:49.0913 6300 TsUsbGD - ok
19:08:49.0922 6300 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
19:08:49.0945 6300 tsusbhub - ok
19:08:49.0995 6300 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:08:50.0031 6300 tunnel - ok
19:08:50.0042 6300 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:08:50.0051 6300 uagp35 - ok
19:08:50.0067 6300 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:08:50.0114 6300 udfs - ok
19:08:50.0135 6300 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:08:50.0146 6300 UI0Detect - ok
19:08:50.0163 6300 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:08:50.0171 6300 uliagpkx - ok
19:08:50.0174 6300 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:08:50.0194 6300 umbus - ok
19:08:50.0218 6300 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:08:50.0227 6300 UmPass - ok
19:08:50.0263 6300 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
19:08:50.0291 6300 UmRdpService - ok
19:08:50.0343 6300 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:08:50.0356 6300 UMVPFSrv - ok
19:08:50.0366 6300 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:08:50.0407 6300 upnphost - ok
19:08:50.0453 6300 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:08:50.0457 6300 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
19:08:50.0457 6300 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
19:08:50.0493 6300 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:08:50.0521 6300 usbaudio - ok
19:08:50.0548 6300 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:08:50.0558 6300 usbccgp - ok
19:08:50.0588 6300 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:08:50.0612 6300 usbcir - ok
19:08:50.0631 6300 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:08:50.0646 6300 usbehci - ok
19:08:50.0671 6300 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:08:50.0684 6300 usbhub - ok
19:08:50.0697 6300 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:08:50.0706 6300 usbohci - ok
19:08:50.0738 6300 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:08:50.0758 6300 usbprint - ok
19:08:50.0807 6300 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:08:50.0830 6300 usbscan - ok
19:08:50.0843 6300 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:08:50.0852 6300 USBSTOR - ok
19:08:50.0863 6300 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:08:50.0873 6300 usbuhci - ok
19:08:50.0912 6300 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:08:50.0924 6300 usbvideo - ok
19:08:50.0943 6300 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:08:50.0986 6300 UxSms - ok
19:08:51.0007 6300 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:08:51.0016 6300 VaultSvc - ok
19:08:51.0035 6300 [ BA20A718E25228B9D69D72E4F19EDEB5 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
19:08:51.0045 6300 VBoxDrv - ok
19:08:51.0065 6300 [ 48630B4530C80AAF3DDE9633E4291D8C ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
19:08:51.0074 6300 VBoxNetAdp - ok
19:08:51.0086 6300 [ 8B86A00D13E2DCBFE320061F3435FAFF ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
19:08:51.0096 6300 VBoxNetFlt - ok
19:08:51.0110 6300 [ 4831EE295C9911B0236867931BE493F1 ] VBoxUSB C:\Windows\system32\Drivers\VBoxUSB.sys
19:08:51.0119 6300 VBoxUSB - ok
19:08:51.0133 6300 [ CEC73CEA22B7258C0A8F2354DC49D25C ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
19:08:51.0141 6300 VBoxUSBMon - ok
19:08:51.0175 6300 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:08:51.0183 6300 vdrvroot - ok
19:08:51.0196 6300 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:08:51.0245 6300 vds - ok
19:08:51.0270 6300 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:08:51.0281 6300 vga - ok
19:08:51.0293 6300 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:08:51.0325 6300 VgaSave - ok
19:08:51.0327 6300 VGPU - ok
19:08:51.0355 6300 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:08:51.0366 6300 vhdmp - ok
19:08:51.0380 6300 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:08:51.0387 6300 viaide - ok
19:08:51.0415 6300 [ 80E731A278695B47345D0171A19E428B ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:08:51.0425 6300 vmbus - ok
19:08:51.0432 6300 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:08:51.0440 6300 VMBusHID - ok
19:08:51.0454 6300 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:08:51.0462 6300 volmgr - ok
19:08:51.0492 6300 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:08:51.0505 6300 volmgrx - ok
19:08:51.0517 6300 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:08:51.0529 6300 volsnap - ok
19:08:51.0548 6300 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:08:51.0558 6300 vsmraid - ok
19:08:51.0599 6300 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:08:51.0653 6300 VSS - ok
19:08:51.0675 6300 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:08:51.0687 6300 vwifibus - ok
19:08:51.0703 6300 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:08:51.0716 6300 vwififlt - ok
19:08:51.0756 6300 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:08:51.0802 6300 vwifimp - ok
19:08:51.0824 6300 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:08:51.0854 6300 W32Time - ok
19:08:51.0870 6300 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:08:51.0879 6300 WacomPen - ok
19:08:51.0894 6300 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:08:51.0934 6300 WANARP - ok
19:08:51.0947 6300 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:08:51.0972 6300 Wanarpv6 - ok
19:08:52.0025 6300 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:08:52.0051 6300 WatAdminSvc - ok
19:08:52.0077 6300 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:08:52.0123 6300 wbengine - ok
19:08:52.0145 6300 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:08:52.0160 6300 WbioSrvc - ok
19:08:52.0170 6300 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:08:52.0198 6300 wcncsvc - ok
19:08:52.0212 6300 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:08:52.0231 6300 WcsPlugInService - ok
19:08:52.0243 6300 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:08:52.0252 6300 Wd - ok
19:08:52.0273 6300 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:08:52.0289 6300 Wdf01000 - ok
19:08:52.0296 6300 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:08:52.0328 6300 WdiServiceHost - ok
19:08:52.0330 6300 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:08:52.0344 6300 WdiSystemHost - ok
19:08:52.0361 6300 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:08:52.0383 6300 WebClient - ok
19:08:52.0396 6300 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:08:52.0438 6300 Wecsvc - ok
19:08:52.0458 6300 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:08:52.0485 6300 wercplsupport - ok
19:08:52.0501 6300 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:08:52.0540 6300 WerSvc - ok
19:08:52.0564 6300 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:08:52.0590 6300 WfpLwf - ok
19:08:52.0620 6300 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:08:52.0628 6300 WIMMount - ok
19:08:52.0635 6300 WinDefend - ok
19:08:52.0639 6300 WinHttpAutoProxySvc - ok
19:08:52.0680 6300 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:08:52.0709 6300 Winmgmt - ok
19:08:52.0850 6300 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:08:52.0896 6300 WinRM - ok
19:08:52.0936 6300 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
19:08:52.0948 6300 WinUsb - ok
19:08:52.0965 6300 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:08:52.0987 6300 Wlansvc - ok
19:08:53.0012 6300 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:08:53.0031 6300 WmiAcpi - ok
19:08:53.0063 6300 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:08:53.0083 6300 wmiApSrv - ok
19:08:53.0090 6300 WMPNetworkSvc - ok
19:08:53.0098 6300 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:08:53.0108 6300 WPCSvc - ok
19:08:53.0117 6300 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:08:53.0129 6300 WPDBusEnum - ok
19:08:53.0141 6300 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:08:53.0167 6300 ws2ifsl - ok
19:08:53.0173 6300 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:08:53.0187 6300 wscsvc - ok
19:08:53.0189 6300 WSearch - ok
19:08:53.0231 6300 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:08:53.0286 6300 wuauserv - ok
19:08:53.0294 6300 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:08:53.0320 6300 WudfPf - ok
19:08:53.0355 6300 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:08:53.0381 6300 WUDFRd - ok
19:08:53.0407 6300 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:08:53.0432 6300 wudfsvc - ok
19:08:53.0439 6300 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:08:53.0468 6300 WwanSvc - ok
19:08:53.0522 6300 ================ Scan global ===============================
19:08:53.0543 6300 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:08:53.0554 6300 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:08:53.0560 6300 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:08:53.0581 6300 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:08:53.0598 6300 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:08:53.0601 6300 [Global] - ok
19:08:53.0601 6300 ================ Scan MBR ==================================
19:08:53.0612 6300 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:08:53.0949 6300 \Device\Harddisk0\DR0 - ok
19:08:53.0950 6300 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:08:54.0468 6300 \Device\Harddisk1\DR1 - ok
19:08:54.0471 6300 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
19:08:54.0585 6300 \Device\Harddisk2\DR2 - ok
19:08:54.0586 6300 ================ Scan VBR ==================================
19:08:54.0593 6300 [ 2932F18FA649FF21C5D3A40912159221 ] \Device\Harddisk0\DR0\Partition1
19:08:54.0594 6300 \Device\Harddisk0\DR0\Partition1 - ok
19:08:54.0596 6300 [ 42F18F50D0B8E38AA17CAD8ED13D3B53 ] \Device\Harddisk0\DR0\Partition2
19:08:54.0597 6300 \Device\Harddisk0\DR0\Partition2 - ok
19:08:54.0599 6300 [ D569134E1863D52A561E8BAA8F12D57D ] \Device\Harddisk1\DR1\Partition1
19:08:54.0599 6300 \Device\Harddisk1\DR1\Partition1 - ok
19:08:54.0601 6300 [ 674D508787620AD6D105EA49EF3D8F0B ] \Device\Harddisk1\DR1\Partition2
19:08:54.0602 6300 \Device\Harddisk1\DR1\Partition2 - ok
19:08:54.0604 6300 [ EB4B1F85FC6692F93233D8C57DDF3F8B ] \Device\Harddisk2\DR2\Partition1
19:08:54.0606 6300 \Device\Harddisk2\DR2\Partition1 - ok
19:08:54.0607 6300 ============================================================
19:08:54.0607 6300 Scan finished
19:08:54.0607 6300 ============================================================
19:08:54.0612 6452 Detected object count: 6
19:08:54.0612 6452 Actual detected object count: 6
19:09:02.0449 6452 FileZilla Server ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:02.0449 6452 FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:09:02.0450 6452 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:02.0450 6452 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:09:02.0450 6452 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:02.0450 6452 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:09:02.0451 6452 Smart TimeLock ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:02.0451 6452 Smart TimeLock ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:09:02.0452 6452 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:02.0452 6452 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:09:02.0452 6452 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:09:02.0452 6452 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
01.10.2012, 13:36
| #7 |
| | Sobald ich einen Browser öffne wir mein Internet extrem langsam Reminder  |
|
03.10.2012, 17:46
| #8 |
| /// Malware-holic | Sobald ich einen Browser öffne wir mein Internet extrem langsamCombofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.10.2012, 15:16
| #9 |
| | Sobald ich einen Browser öffne wir mein Internet extrem langsam Hier die Log von Combofix: [CODE] Combofix Logfile: Code:
ATTFilter ComboFix 12-10-04.01 - Marc 04.10.2012 15:52:37.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8175.5107 [GMT 2:00]
ausgeführt von:: c:\users\Marc\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin710.exe.lnk
c:\programdata\ntuser.dat
c:\users\Marc\AppData\Roaming\vso_ts_preview.xml
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-04 bis 2012-10-04 ))))))))))))))))))))))))))))))
.
.
2012-10-04 14:09 . 2012-10-04 14:09 -------- d-----w- c:\users\UpdatusUser.Marc-PC\AppData\Local\temp
2012-10-04 14:09 . 2012-10-04 14:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-02 11:01 . 2012-10-02 11:01 -------- d-----w- c:\windows\system32\drivers\NISx64\1309000.009
2012-09-26 10:03 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-25 15:29 . 2012-09-25 15:29 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-09-21 16:17 . 2012-09-21 16:17 -------- dc-h--w- c:\programdata\{30FA7941-4170-4C83-A9A8-FDF01C431704}
2012-09-20 18:07 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-20 18:07 . 2012-09-20 18:07 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-20 18:07 . 2012-09-20 18:07 -------- d-----w- c:\program files\iTunes
2012-09-20 18:07 . 2012-09-20 18:07 -------- d-----w- c:\program files\iPod
2012-09-18 18:59 . 2012-09-21 13:22 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-18 12:20 . 2012-09-21 13:22 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-17 16:57 . 2012-09-25 17:45 -------- d-----w- c:\program files (x86)\edcast
2012-09-16 19:42 . 2012-09-16 19:42 -------- d-----w- c:\program files (x86)\uTorrent
2012-09-16 19:41 . 2012-09-16 20:10 -------- d-----w- c:\users\Marc\AppData\Roaming\uTorrent
2012-09-12 16:39 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 16:39 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 16:39 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 16:39 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 16:39 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 16:39 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 16:39 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 10:55 . 2012-09-11 10:55 -------- d-----w- C:\found.004
2012-09-08 11:12 . 2012-09-08 11:12 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-08 08:53 . 2011-04-11 23:33 1579520 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-09-07 14:56 . 2012-09-07 14:56 -------- d-----w- c:\program files (x86)\simfy
2012-09-06 18:52 . 2012-09-06 18:52 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2012-09-04 18:57 . 2012-09-04 18:57 -------- d-----w- c:\program files (x86)\SplitMediaLabs
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-04 12:58 . 2011-07-06 17:57 25640 ----a-w- c:\windows\gdrv.sys
2012-09-22 19:47 . 2011-04-08 14:45 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-09-22 19:47 . 2011-04-08 13:51 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-22 19:47 . 2011-04-08 13:51 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-09-13 12:59 . 2012-01-02 14:26 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-08 11:12 . 2011-06-20 18:38 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-30 19:14 . 2012-02-19 11:31 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-08-30 19:14 . 2011-08-12 13:42 2725224 ----a-w- c:\windows\system32\nvapi64.dll
2012-08-30 19:14 . 2011-05-21 04:01 2422120 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-08-30 19:14 . 2011-05-21 04:01 18229096 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-08-30 19:14 . 2011-05-21 04:01 15291752 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-08-30 19:14 . 2011-05-21 04:01 14879080 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-08-30 19:14 . 2011-05-21 04:01 12465512 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-08-30 16:18 . 2011-01-07 18:49 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-08-30 16:18 . 2011-01-07 18:49 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-08-30 16:18 . 2011-01-07 18:49 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-08-30 16:18 . 2011-01-07 18:49 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-08-30 16:18 . 2012-05-21 16:57 3487434 ----a-w- c:\windows\system32\nvcoproc.bin
2012-08-30 16:18 . 2011-01-07 18:49 3266920 ----a-w- c:\windows\system32\nvsvc64.dll
2012-08-30 16:17 . 2011-01-07 18:50 6198120 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-30 08:40 . 2012-08-30 08:40 429416 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-08-21 11:01 . 2011-04-20 18:48 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2011-04-20 18:48 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-07-30 11:32 . 2012-07-30 11:32 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2012-07-30 11:32 . 2012-07-30 11:32 203104 ----a-w- c:\windows\system32\drivers\ssudobex.sys
2012-07-30 11:32 . 2012-07-30 11:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-30 11:32 . 2012-07-30 11:32 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-07-30 11:32 . 2012-07-30 11:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-07-18 18:15 . 2012-08-15 08:41 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Facebook Update"="c:\users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-29 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]
"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"DES2"="c:\program files (x86)\GIGABYTE\EnergySaver2\des2.exe" [2011-03-08 359024]
"SDBOK"="c:\program files (x86)\GIGABYTE\smart6\dbios\run.exe" [2009-07-06 207400]
.
c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
Facebook Desktop.lnk - c:\program files (x86)\Facebook Desktop\Facebook Desktop.exe [2011-9-9 142848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 136176]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-07-24 219632]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 a2djavs_x64;a2djavs_x64;c:\windows\system32\Drivers\a2djavs_x64.sys [2009-10-08 44624]
R3 a2djusb_x64;a2djusb_x64;c:\windows\system32\Drivers\a2djusb_x64.sys [2009-10-08 300112]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-06 1847296]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-12 138912]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-06-06 25640]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 136176]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2012-06-06 30528]
R3 ks2avs;Kontrol S2 WDM Audio;c:\windows\system32\Drivers\ks2avs.sys [2012-02-22 358480]
R3 ks2usb_svc;Traktor Kontrol S2;c:\windows\system32\Drivers\ks2usb.sys [2012-02-22 80464]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [2012-08-21 18360]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 RoxMediaDB12;RoxMediaDB12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-07-24 1116656]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys [2007-11-22 10733184]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-07-30 203104]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2012-03-14 117040]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-19 1255736]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [2009-06-01 27120]
S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [2009-06-01 19952]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS [2011-07-25 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [2012-08-31 1385120]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys [2012-06-07 167072]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-06 283200]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121003.001\IDSvia64.sys [2012-09-01 513184]
S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [2009-06-01 27632]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS [2012-04-18 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS [2012-04-18 405624]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-05-22 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-05-22 130904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [2009-06-02 457200]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 GEST Service;GEST Service for program management.;c:\program files (x86)\GIGABYTE\EnergySaver\GSvr.exe [2009-12-02 68136]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2011-07-27 14952]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-09-05 6364024]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-24 2735528]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S3 a2djavs;Audio 2 DJ WDM Audio;c:\windows\system32\Drivers\a2djavs.sys [2012-02-22 358480]
S3 a2djusb_svc;Audio 2 DJ;c:\windows\system32\Drivers\a2djusb.sys [2012-02-22 96336]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-03-07 40832]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-03-07 65280]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 phc710;USB PC Camera (SPC710NC);c:\windows\system32\DRIVERS\phc710.sys [2006-10-16 867712]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-05-22 147288]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-05-22 166232]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-18 13:22]
.
2012-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job
- c:\users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-20 13:28]
.
2012-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job
- c:\users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-20 13:28]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 19:33]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 19:33]
.
2012-10-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job
- c:\users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 15:34]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job
- c:\users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 15:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]
.
[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
"phc710"="c:\windows\vphc710.exe" [2006-10-16 344064]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-01 1873288]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"snp325"="c:\windows\vsnp325.exe" [2007-05-10 835584]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\r28uct31.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.wisedock.de/m.php?id=2332406674768a7e760877fb50ef6c1161c7
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1771800032-78958699-3666061034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*3*3â÷q\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1771800032-78958699-3666061034-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F6C3A976-80A1-894B-D985-1EA6030CF0D3}*]
"hafjnmijjagpnomk"=hex:69,61,70,6e,67,63,6d,68,6e,6d,64,66,6d,63,6a,68,62,61,
00,77
"iadilonndclckbmkii"=hex:63,61,6d,6e,65,64,00,00
"iapidopeablphfibgc"=hex:69,61,70,6e,67,63,6d,68,6e,6d,64,66,6d,63,6a,68,62,61,
00,77
"dbaoobcbffhmbcgihabihihhbcbcgkekacjpaoip"=hex:68,61,69,6c,6d,67,6e,67,68,68,
69,6f,62,67,6f,6d,00,00
"jbaoobcbffhmbcgihabiijfjiophoonlnnjldfffbchlhjdppjpd"=hex:68,61,69,6c,6d,67,
6e,67,68,68,69,6f,62,67,6f,6d,00,00
"dbaoobcbffhmbcgihabigjeinflkpfcddignjdke"=hex:62,61,66,70,00,fa
.
[HKEY_USERS\S-1-5-21-1771800032-78958699-3666061034-1000\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_UserSession_3260"="{7AD13F65-10E5-4087-8D07-70ADAE091903}"
"g_coUserCommandChannel"="{0E4D14DB-8DC6-429F-BADF-4FC30ED1A2CA}"
"ccSvcHst_UserSession_3036"="{FEEF351E-734E-4737-8E0A-48A10EFB02C9}"
"ccSvcHst_UserSession_5760"="{8C65AD0F-04B5-413C-90CF-509DBC052D8B}"
"ccSvcHst_UserSession_3632"="{0CCF73C1-FEAA-4AA0-BCEE-9850A251B643}"
"ccSvcHst_UserSession_5096"="{D6E60F79-AE4F-4B1C-8B85-1A8F2A7111BB}"
"ccSvcHst_UserSession_2300"="{49AFFE68-3D4F-4F08-8FBC-0632857C43B8}"
"ccSvcHst_UserSession_3368"="{DE6A5807-7505-46C3-8CDA-58DEFDA7B745}"
"ccSvcHst_UserSession_2448"="{083942F0-EBA4-4AD0-8281-E14496BEA3D8}"
"ccSvcHst_UserSession_1992"="{14A5F078-4460-4D7A-A08B-5A16CC9BA29F}"
"ccSvcHst_UserSession_1036"="{B66A1EDF-2721-4562-A432-A9D8AFD9ACAF}"
"ccSvcHst_UserSession_2944"="{FE3B354E-4196-4AAB-A569-2EFB0FAAFC4D}"
"ccSvcHst_UserSession_2104"="{EF6A4C12-813C-4D9E-88D8-BD64B48FAAC0}"
"ccSvcHst_UserSession_3576"="{12A54274-C7EC-4590-BF52-8FDE56424A49}"
"ccSvcHst_UserSession_2584"="{99E38C87-BA20-4A65-B0CC-7648091B1EEA}"
"ccSvcHst_UserSession_3724"="{4AA45098-4DA2-4FFC-AA95-7FAFE790D308}"
"ccSvcHst_UserSession_2356"="{75E5EF4F-8C0A-4052-B745-3B9CF265499F}"
"ccSvcHst_UserSession_3140"="{9718306E-5223-4014-B83F-43DD5C749926}"
"ccSvcHst_UserSession_3800"="{5F623640-979A-4DA7-B57D-42367C0CB067}"
"ccSvcHst_UserSession_3464"="{52E2BDF0-97FA-4446-8E2C-492964AB1719}"
"ccSvcHst_UserSession_3740"="{C08195F3-15E6-449E-95E1-205E0ADE39A3}"
"ccSvcHst_UserSession_3796"="{A2E25DB8-9CFB-40BB-930C-8493A0F93DC6}"
"ccSvcHst_UserSession_3108"="{E00008B5-1115-48CB-85DB-F4A3E533A7A8}"
"ccSvcHst_UserSession_3136"="{1109EFDB-4823-492F-8BFF-5CAD3F1A79D8}"
"ccSvcHst_UserSession_3092"="{23DC5769-8F61-4306-A8B4-7F482B330B1D}"
"ccSvcHst_UserSession_3524"="{0C749241-47AD-462A-92D0-D8354204F79B}"
"ccSvcHst_UserSession_2784"="{1F7AA2CA-1EB5-4F51-9DE7-EAFD0ACE9E43}"
"ccSvcHst_UserSession_3100"="{C5BF6593-CDF6-4829-B051-EA9752425CDF}"
"ccSvcHst_UserSession_3160"="{CDB4783F-CA09-4CA7-A953-10C10EF448E9}"
"ccSvcHst_UserSession_3572"="{D9618681-6100-4628-B32D-23C24BAEBF12}"
"ccSvcHst_UserSession_3948"="{DB42BE2D-BBE2-428F-B246-D7D524C3AAAA}"
"ccSvcHst_UserSession_1760"="{0FDA1CD7-5D22-4B8A-87BE-6F6F5FAB9E02}"
"ccSvcHst_UserSession_2404"="{430DA3AF-25C2-425D-AF61-24B742738471}"
"g_coVistaProxyChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"{A1B48937-0778-4e7c-885B-271F65B485D2}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccSvcHst_NIS"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccSvcHst_UserSession_3988"="{71DA9B7A-31F6-451A-B433-2DD9A0543720}"
"{9BBA000F-092F-432f-B9DF-9D64FD1C2978}"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"g_coUserCommandChannel_S-1-5-21-1771800032-78958699-3666061034-1000"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"DING_{4467AB8F-68C8-4ab5-9B48-B3E6EB65F6A1}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccGenericEvent_Global_EM"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccGenericEvent_Global_LM"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccGenericLog_Manager"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"{A2DE0E79-877C-485b-B604-78B170313E9E}_IronIPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"SNDServiceRequestChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"SymRedirSvcRequestChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"NortonNetServiceIPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ncw_performance_IPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"_NCWSvcComm_NortonCommunityWatchConfiguration"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"_ProcessDetection_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"NetMapServiceIPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"SNDLocationChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"isError_Service_IPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"QuickStart{4302D82E-BA29-4be2-A0EF-72589D61BCD3}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"BashIPCChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ipcChannel_ShastaServer"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"_ISPOCClient_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"_isDataPrComm_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"_IDataStoreMgr_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"_AvProdSvcComm_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"_NortonOnlineCommFeatureRequest_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"_HSPlayerCommand_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"{C4A09495-F6BC-4166-B717-F3F3250462BB}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"FWAlert"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"IPS_COMMAND_CHANNEL"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccSvcHst_UserSession_3696"="{7E219DC3-FC66-4479-95A4-8B4CBE92D613}"
"AvProdSession_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"AvProdSession_Options_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"AvProdSession_MessageCenter_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"AvProdSession_Scanless_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"AvProdSession_IPUA_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"AvProdSession_CanIRun_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"_IPCChannel_PerformAutoLogin_1_"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"_ReputationSvcComm_ReputationPublisher"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ncw_reputation_scan_server_IPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"
"ccSvcHst_UserSession_3420"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"CO_PS_{55DBA8A2-CF13-4600-8FC8-C7B989ABF841}_1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"clt::AlertChannel2_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"TRUSTCHANNEL"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"SDKCHANNEL1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"ToasterNotify\\SessionID_1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
"{31D28890-BC66-4548-94B9-C84E409A6586}"=""
"{7AD13F65-10E5-4087-8D07-70ADAE091903}"=""
"{43384C25-FD59-4894-B4DD-D27EE379DA30}"=""
"{BA4ADA64-C6A3-4814-82F2-E9DC4BB39D0E}"=""
"{BFCB0218-0CF8-45C2-8423-7003023D466D}"=""
"{CAF69B79-5031-4406-90D1-112E86C049B7}"=""
"{63197D6D-D81A-48E5-86DC-C4D0847F764A}"=""
"{FEEF351E-734E-4737-8E0A-48A10EFB02C9}"=""
"{F0210051-8F30-45DF-907E-B586638D623E}"=""
"{893724B2-D1A9-450F-8B17-77FC0D9C90DA}"=""
"{47F63204-2B8E-4240-B45D-9A8B7FA7190C}"=""
"{45E65594-F8E7-4CE9-A2AC-2748CD7A924C}"=""
"{5F339DB0-D0BF-4A1A-B96A-7E40FB1869F7}"=""
"{1177D39F-90BB-4405-B57C-5CAB92F144E8}"=""
"{C87CC020-8D98-4797-81B2-AF2B78341DED}"=""
"{D23C226A-27C7-4A60-B65D-8E197BCFF1DE}"=""
"{0DD0D708-9E74-44C9-A850-C488F2358B92}"=""
"{0E4D14DB-8DC6-429F-BADF-4FC30ED1A2CA}"=""
"{3DACB72D-1481-433C-921C-B708684A8522}"=""
"{8C65AD0F-04B5-413C-90CF-509DBC052D8B}"=""
"{7586277D-07FF-4A21-ADEE-76486A007810}"=""
"{3CED894F-B4CA-4985-9F11-51DA8AFE7FC4}"=""
"{D1A71491-FF0E-422E-A0A1-200E63E932C5}"=""
"{B840492E-B3EE-4B9A-8562-FF9D3B919C3F}"=""
"{E7731816-2D75-4C3D-BA49-CEF43FBFC7A8}"=""
"{525E402C-9E18-4332-B3BC-DE7BB5A6D8BC}"=""
"{1AE995A7-A21F-4E2C-82DA-0037961DC756}"=""
"{03537630-4B0B-46DD-A286-7A906E3EFF38}"=""
"{21B988A6-DB68-47F9-A882-AC6FFCBBE1FC}"=""
"{0EEFF4C4-C254-4401-91D1-75CC7796DD0C}"=""
"{1A0D516D-D352-4FD5-AE85-9E64B2F5C7C0}"=""
"{C22802B1-7874-4BD7-B4D5-C06799E91DA8}"=""
"{F2D19814-85DD-4141-ABF0-77576D46CA1C}"=""
"{3432DE6F-4DB9-4EE3-80EB-37609C90313A}"=""
"{1E5759FE-00AC-4965-B8E7-40D94BA4E1DF}"=""
"{72621F17-F8D2-4898-933A-5562163ACACF}"=""
"{A7BE95DE-8A3F-498E-9D46-75FDFEA6F830}"=""
"{77A12E1E-54AD-4A56-8393-C026E7A364C3}"=""
"{9E7187B1-4E88-4002-AD94-4F1A0D081073}"=""
"{7B7DC8AA-A4B4-4F3A-B2B4-B5EB888829F0}"=""
"{C85B0FDB-04F0-4501-8BC8-F36D1598DE52}"=""
"{4E983FFB-F450-40AB-8B4E-EE1E78E336FF}"=""
"{518073EB-767B-4BBD-8040-81484F747D96}"=""
"{1612E17F-6787-4ED2-98D0-2E8B0A0C009B}"=""
"{B7073CFB-DBD8-4431-A20E-7550A4AD463E}"=""
"{90123824-B6F0-4331-8390-5E6A3995B813}"=""
"{AE88CCC9-1198-49B7-AD34-FAC03152A465}"=""
"{00D9F2A7-2B8E-4C25-B640-2133916FFE1E}"=""
"{028A0711-6EE2-458D-BD37-697E660DB569}"=""
"{5540F35D-D52B-4DE3-B825-0B47A132BA68}"=""
"{C6CC6190-E3A2-484A-94F9-325ED2A2FBBF}"=""
"{0254BE81-2401-4DFC-8AC6-54BC15331A77}"=""
"{2105FC74-2191-484E-A70C-D51C61E8433B}"=""
"{0CCF73C1-FEAA-4AA0-BCEE-9850A251B643}"=""
"{0340C946-E9A0-4DBE-B47C-41F3FB812931}"=""
"{EF8EABC8-B0FD-4C6D-9212-0B62927E81E8}"=""
"{3F516BEA-644D-4A93-9746-8BFBC00840FA}"=""
"{9887B0AE-4686-4269-A31A-922B350AFD96}"=""
"{5B22E2EC-0D78-4542-8E01-94A9962168E1}"=""
"{495C292E-9F45-4322-859D-38C3835842E9}"=""
"{CF7EA717-2F29-4603-A36E-BAC679BEFB5A}"=""
"{B0C1493A-74F3-485B-93F7-95FEB57BC2E8}"=""
"{C91ECC38-1F10-4929-8BE7-B10F8E22C0BA}"=""
"{C21BECB9-ADD8-4FD5-B421-0492B70129A2}"=""
"{0D94EDF7-68F5-4941-8287-EC3C078CA014}"=""
"{25CEEA4D-4EFA-4DC2-ABBD-311F9AEB4F11}"=""
"{692B7235-E02D-4FE5-BEB8-FEBB17107DC6}"=""
"{7CA17BFF-E795-45D5-88EF-435B798633F7}"=""
"{ACBA6A0B-D626-4C52-8A8F-9E7C9397A38C}"=""
"{6F3B5D8A-9D68-45FF-891F-CE408D952E63}"=""
"{70DBDEF5-44AC-4C2A-94F3-56D6587A5D91}"=""
"{8360B87D-3A57-43CB-8880-0081DB4460A9}"=""
"{4A9CEFC8-C5ED-4C25-9D10-100FBB3D1365}"=""
"{796F2351-F739-4695-AE1C-8D5CFC55472C}"=""
"{374F44E9-B644-4D50-BDEC-3288ED1E5309}"=""
"{F4A96801-F822-4BF7-8505-CA0324C97FAD}"=""
"{71BC76F4-B12A-46B2-B9D9-A617F354FAB7}"=""
"{D3CC758A-496F-4758-865A-BB33CF37329E}"=""
"{0FA2B64B-5629-4A22-849A-A9EEE153F6E9}"=""
"{73D95C5F-6317-44FF-A5B3-D8F3E1F251DC}"=""
"{36CA9874-2F09-4852-83B4-C2FDE4BB1FB0}"=""
"{1C67EAC1-2341-4397-A9C8-E24912E93D86}"=""
"{DC5019DD-4393-49E6-A949-CC468291A7E8}"=""
"{D6E60F79-AE4F-4B1C-8B85-1A8F2A7111BB}"=""
"{F0519DBB-8A97-4643-B44E-5CCD7957C487}"=""
"{DC6B1A17-B27A-4CF4-B53E-DAAE7791F024}"=""
"{7C8AD3E5-60DA-4B08-84DF-5095EA8E11B8}"=""
"{C66C4126-6A62-4345-AC0B-7472C1FA5AC3}"=""
"{B9A29325-26EC-41F1-A74F-14E8ED30C9C2}"=""
"{AA5C1182-4985-4291-AA06-E4739BEC6E27}"=""
"{E67118EC-D5D0-42F3-BB0E-0B3E7B25D34A}"=""
"{92B8F617-9944-4281-97AE-87B1EE80393E}"=""
"{BE1ADC3D-72DB-4903-9AFD-C0DE942489B0}"=""
"{1A5BBFC9-A0BC-4BD6-B2A7-87AEC138BFE8}"=""
"{A4578D28-CEBF-4E8F-88DA-422BCBEBD04E}"=""
"{49AFFE68-3D4F-4F08-8FBC-0632857C43B8}"=""
"{C130B069-79CB-4528-AE99-8FEA3EE29861}"=""
"{F23DD840-1CB5-47E3-A037-5777F8236EB4}"=""
"{1ED0F91B-9632-42F7-BE39-DA8D8B5E6FF5}"=""
"{74A59BAC-55C3-477B-BC7B-1E0F35F168DB}"=""
"{F8511691-8C63-431F-A860-D716A17338FA}"=""
"{DE6A5807-7505-46C3-8CDA-58DEFDA7B745}"=""
"{65F3D647-1F29-4C0F-A18B-F79449CE0A58}"=""
"{083942F0-EBA4-4AD0-8281-E14496BEA3D8}"=""
"{A1A32588-D81D-47BA-ADFF-0C517AD4C35D}"=""
"{C061CD22-CCCD-4D27-85C3-8FFCD49519BA}"=""
"{A8A7E560-ABE0-47FE-83C4-1C2317E26881}"=""
"{2DC3031F-A9AB-436D-94CC-747CE2B47587}"=""
"{85EA8F58-ADF0-4C54-BB72-E65FDFEDD92A}"=""
"{F930FD20-45DC-4F62-B07F-FFC0FAD2B922}"=""
"{2C855EF6-A66F-4B72-97EF-3A1E20027F1A}"=""
"{3131C8E0-6465-47C5-8FF3-4B278F2E3401}"=""
"{40434B11-B0C6-4D3E-A9E2-C89C377B15F5}"=""
"{5D346F65-B95A-48BD-9872-7DE0D5FB93B0}"=""
"{7C68554D-85E7-4181-A0EB-61549624CF74}"=""
"{1EBF3E40-DC1E-4413-857D-D3AC3B795FB3}"=""
"{CAB58E49-A42A-47B2-9E49-8EC5E3DC02E2}"=""
"{2E320FE5-7A58-43C0-98B0-55AC4E2BF5C7}"=""
"{36F05336-8BD0-45A8-9742-84BD144CB45E}"=""
"{F408D8DB-40AF-4464-86EC-B7A2B82EA67A}"=""
"{CC7CC34D-C387-495A-BED4-A19A13D90C8F}"=""
"{E91479B5-E90E-4CE9-ABBC-1D28B30A6B15}"=""
"{15A3D61D-43A7-4E4A-A58E-C389A7A841A7}"=""
"{0F6DF0EB-A764-472A-8D37-0513D86912D9}"=""
"{546984D1-C73C-4568-9F36-A01104CB257C}"=""
"{42ADEAEE-8831-481D-B83B-19B4C8AC9046}"=""
"{701CF786-1E00-456F-8ACC-CF7FC7F9CFF8}"=""
"{14A5F078-4460-4D7A-A08B-5A16CC9BA29F}"=""
"{6BAD6E98-81F6-49A6-AE19-20C8E0505C37}"=""
"{B66A1EDF-2721-4562-A432-A9D8AFD9ACAF}"=""
"{83F5A053-43DB-4998-8B65-2140A57F3AF3}"=""
"{B0E5A95F-7BFB-48FD-8130-468AB5831812}"=""
"{94591B92-AB45-45B0-8376-BFEE44CAA71C}"=""
"{FE3B354E-4196-4AAB-A569-2EFB0FAAFC4D}"=""
"{135DC4BD-525E-4A93-BCD4-606E1A26A65F}"=""
"{AF59F538-AB6C-4ACB-83F9-E5F8D4896F52}"=""
"{E860AC30-A3EE-4519-9127-33F8F2D27FDE}"=""
"{EF6A4C12-813C-4D9E-88D8-BD64B48FAAC0}"=""
"{30B1486D-A27B-44FD-9DF7-C436C7BB015D}"=""
"{FA8E0986-E8DD-4DCE-B6C3-34856108C4A7}"=""
"{BB93FA21-E208-41A0-94B1-5B3BE2F0894E}"=""
"{917D3358-F66E-4C4B-AFFF-B5A4A906B1FB}"=""
"{CE472A7E-18A5-4A7A-96CE-587B6EA33F1E}"=""
"{8A7E75B7-55C8-4C99-B384-7357FBF4C5A5}"=""
"{AF74F5F8-D7D4-463A-A70D-681C63CC03DA}"=""
"{12A54274-C7EC-4590-BF52-8FDE56424A49}"=""
"{901992BF-F816-40AC-874F-E51B54CAB887}"=""
"{C266CD48-3BD7-43A4-983A-2BF4D9440C25}"=""
"{44DF0806-BBF9-40E8-86D1-68316BC7C51F}"=""
"{A145B174-2305-415F-9288-330A95F7E515}"=""
"{2983047B-83DD-4B1B-A98A-2C05818CFCAA}"=""
"{99E38C87-BA20-4A65-B0CC-7648091B1EEA}"=""
"{F9B1E1FC-95D4-4699-AA2A-78BA5A613B41}"=""
"{4AA45098-4DA2-4FFC-AA95-7FAFE790D308}"=""
"{50A05E3E-E32D-496E-B5EE-E56442D2739A}"=""
"{75E5EF4F-8C0A-4052-B745-3B9CF265499F}"=""
"{D8B3E8E1-4C54-4E10-85D0-94F967E8B916}"=""
"{511AA929-4FB9-4589-8C5F-E1BD58852400}"=""
"{2764B993-3488-4418-8B21-8729B778863B}"=""
"{9718306E-5223-4014-B83F-43DD5C749926}"=""
"{99699088-F146-472B-B4A0-D5E7CA0FF90E}"=""
"{085C3D26-CFD2-4A6C-9F83-A0422B6CA899}"=""
"{0D8C1E40-6EF0-4606-A5CA-79CB9C5A4DDE}"=""
"{931E3908-863E-43ED-B459-883229D4959F}"=""
"{0F23675C-B908-4DBF-912A-EAA4FB8283EE}"=""
"{5F623640-979A-4DA7-B57D-42367C0CB067}"=""
"{98273B17-4754-4D9E-82A4-0416C9774B71}"=""
"{52E2BDF0-97FA-4446-8E2C-492964AB1719}"=""
"{1514F77F-5D81-4AC9-9773-CC092DFC4658}"=""
"{EA3C8F8B-1452-4561-B79C-37519D8C40F6}"=""
"{4489C55D-458F-4575-9DE5-D613F55AA40A}"=""
"{28EDF0F6-1149-469F-949A-2F7F065B5452}"=""
"{A63FC71F-7B63-4E35-A687-D58227E240EB}"=""
"{C08195F3-15E6-449E-95E1-205E0ADE39A3}"=""
"{7BF2DB7F-0270-4095-9E83-25E16051F899}"=""
"{A2E25DB8-9CFB-40BB-930C-8493A0F93DC6}"=""
"{63154596-0252-4B44-89F2-B3B55EEACCE9}"=""
"{E00008B5-1115-48CB-85DB-F4A3E533A7A8}"=""
"{6F5A8B14-6CE6-47EA-85DE-C481D0638A42}"=""
"{74FE06E0-81FF-45CC-A957-29588E6A0DF4}"=""
"{0E785B00-361E-438A-98C5-EB7EC8727854}"=""
"{26DA05CB-0A9A-44D5-B073-8031525DB4E7}"=""
"{1C7DFB73-F76A-417F-BCEC-78149BC0AB0F}"=""
"{1109EFDB-4823-492F-8BFF-5CAD3F1A79D8}"=""
"{E8C8226C-6708-43B7-99BE-623FB0BFCC7C}"=""
"{23DC5769-8F61-4306-A8B4-7F482B330B1D}"=""
"{A57BAD4F-A7FC-4307-BE51-F37C0E04D71D}"=""
"{0C749241-47AD-462A-92D0-D8354204F79B}"=""
"{7A546934-ED8D-4237-8714-39B8B9A45A7B}"=""
"{1F7AA2CA-1EB5-4F51-9DE7-EAFD0ACE9E43}"=""
"{F55192E0-2549-4BFD-85D1-80B1589267A0}"=""
"{C5BF6593-CDF6-4829-B051-EA9752425CDF}"=""
"{4B4079F1-8AD3-4A3E-AC97-AEEB55436A7B}"=""
"{CDB4783F-CA09-4CA7-A953-10C10EF448E9}"=""
"{E56B72B8-896E-481E-B4AF-02C4F77C885A}"=""
"{90420AB4-35B2-495C-B461-E7EDDEB308E1}"=""
"{4F307491-60BE-4CE1-B7F9-9FD2741F6974}"=""
"{D9618681-6100-4628-B32D-23C24BAEBF12}"=""
"{7C15BF70-CE5D-435A-885A-EFE305B2D857}"=""
"{DB42BE2D-BBE2-428F-B246-D7D524C3AAAA}"=""
"{8BCBFFF8-25E6-4A15-BD90-BA964E68FF61}"=""
"{0FDA1CD7-5D22-4B8A-87BE-6F6F5FAB9E02}"=""
"{C30CC5B2-AE13-4010-BB0C-55C4053D0D32}"=""
"{430DA3AF-25C2-425D-AF61-24B742738471}"=""
"{F624B18D-E73D-433D-94AF-2E70C018ACF6}"=""
"{0E7F2971-B1F3-49C8-B116-E77CB003E6B1}"=""
"{AFE73930-322D-4D9E-8B28-FE4C02D2C95B}"=""
"{EC8226F4-E89F-44E9-ACA7-BFFDB9EB795B}"=""
"{568664A6-2FBD-4A5F-A70D-71A2AD42F804}"=""
"{1D97F805-80DD-45EC-B96A-D0D6459139A1}"=""
"{C0A6FD55-B848-429D-84AB-3DC474F1BAC8}"=""
"{71DA9B7A-31F6-451A-B433-2DD9A0543720}"=""
"{1FCB60C1-8A22-4547-8404-457809EAC292}"=""
"{7E219DC3-FC66-4479-95A4-8B4CBE92D613}"=""
"{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"=""
"{3BD88611-85D3-4A37-818A-3644A2DBEB84}"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-04 16:13:18
ComboFix-quarantined-files.txt 2012-10-04 14:13
.
Vor Suchlauf: 15 Verzeichnis(se), 69.348.085.760 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 108.885.303.296 Bytes frei
.
- - End Of File - - 5BC3EBDE5D94D5EDB67A39253BA65FFE
|
|
05.10.2012, 17:34
| #10 |
| /// Malware-holic | Sobald ich einen Browser öffne wir mein Internet extrem langsam hi malwarebytes: Downloade Dir bitte Malwarebytes
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
13.10.2012, 20:27
| #11 |
| | Sobald ich einen Browser öffne wir mein Internet extrem langsam Sorry das ich so lange nicht geschrieben habe, war im Urlaub Also Maleware Byts hat nichts gefunden, hier trotzdem die Log: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.0.1400 www.malwarebytes.org Datenbank Version: v2012.10.13.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Marc :: MARC-PC [Administrator] Schutz: Aktiviert 13.10.2012 19:22:08 mbam-log-2012-10-13 (19-22-08).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|H:\|I:\|K:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 729683 Laufzeit: 2 Stunde(n), 2 Minute(n), 25 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
18.10.2012, 21:29
| #12 |
| /// Malware-holic | Sobald ich einen Browser öffne wir mein Internet extrem langsam hi lade den CCleaner standard: CCleaner Download - CCleaner 3.23.1823 falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
19.10.2012, 13:54
| #13 |
| | Sobald ich einen Browser öffne wir mein Internet extrem langsam hier die Liste: Code:
ATTFilter 325 USB PC Camera Sonix 11.08.2012 0.6.0.001 unbekannt @BIOS GIGABYTE 06.07.2011 2.11 wichtig Ableton Live 8 Ableton 03.04.2012 902MB 8.0.0.0 wichtig Adobe Acrobat X Pro - English, Français, Deutsch Adobe Systems 13.10.2012 2,81GB 10.1.4 wichtig Adobe AIR Adobe Systems Incorporated 13.10.2012 3.4.0.2710 wichtig Adobe Creative Suite 6 Master Collection Adobe Systems Incorporated 05.10.2012 9,83GB 6 wichtig Adobe Flash Media Live Encoder 3.2 Adobe Systems Incorporated 11.03.2012 44,0MB 3.2.0 wichtig Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 13.10.2012 6,00MB 11.4.402.287 wichtig Adobe Flash Player 11 Plugin Adobe Systems Incorporated 13.10.2012 6,00MB 11.4.402.287 wichtig Adobe Help Manager Adobe Systems Incorporated 31.07.2012 4.0.244 wichtig Adobe Photoshop Lightroom 4.1 64-bit Adobe 31.07.2012 806MB 4.1.2 wichtig Adobe Widget Browser Adobe Systems Incorporated. 31.07.2012 2.0 Build 348 wichtig Adobe® Content Viewer Adobe Systems Incorporated 18.10.2012 2.8.0 wichtig Akamai NetSession Interface 02.01.2012 ungekannt Akamai NetSession Interface Service 02.01.2012 unbekannt Amazon MP3-Downloader 1.0.15 Amazon Services LLC 01.08.2012 1.0.15 wichtig Anno 1701 Sunflowers 22.06.2011 1.00 muss nicht Anno 1701 - Der Fluch des Drachen Sunflowers 22.06.2011 2.03 muss nicht Any DVD Converter Professional 4.0.1 Any-DVD-Converter.com 20.04.2011 wichtig Apple Application Support Apple Inc. 20.09.2012 64,4MB 2.2.2 wichtig Apple Mobile Device Support Apple Inc. 20.09.2012 23,7MB 6.0.0.59 wichtig Apple Software Update Apple Inc. 07.07.2011 2,38MB 2.1.3.127 wichtig ASIO4ALL Michael Tippach 02.01.2012 2.10 wichtig Battlefield 3™ Electronic Arts 10.09.2012 1.4.0.0 wichtig Battlefield Play4Free EA Digital illusions 02.01.2012 wichtig Battlelog Web Plugins EA Digital Illusions CE AB 09.09.2012 1.132.0 wichtig Beatport Downloader Beatport LLC 01.08.2012 1.4 wichtig BeatportDownloader Beatport LLC 25.02.2012 1.003 wichtig BEHRINGER USB AUDIO DRIVER 19.01.2012 wichtig Bonjour Apple Inc. 17.10.2011 2,00MB 3.0.0.10 wichtig Borderlands 2K Games 20.04.2011 6,88GB 1.0.295 wichtig Borderlands 2 Gearbox Software 21.09.2012 wichtig Brother MFL-Pro Suite DCP-130C Brother Industries, Ltd. 01.09.2011 1.0.3.0 wichtig butt 02.01.2012 wichtig Canon Utilities EOS Utility Canon Inc. 03.09.2012 2.10.0.0 wichtig Canon Utilities PhotoStitch Canon Inc. 03.09.2012 3.1.22.46 wichtig CCleaner Piriform 24.09.2012 3.23 wichtig CINEMA 4D 12.016 MAXON Computer GmbH 17.08.2012 3,81GB 12.016 wichtig Clonk Rage RedWolf Design GmbH 02.01.2012 muss nicht Combat Arms EU 04.04.2012 muss nicht ConvertXtoDVD 4.1.10.348 24.05.2011 68,1MB 4.1.10.348 wichtig DAEMON Tools Lite DT Soft Ltd 06.05.2012 4.45.4.0315 wichtig Dead Space™ 2 Electronic Arts 23.12.2011 10,0GB 1.0.948.0 wichtig DES 2.0 Gigabyte 06.07.2011 1.00.0000 wichtig doubleTwist doubleTwist Corporation 25.02.2012 3.2.0.12944 unwichtig Dreamload Dreamload LLC 08.04.2011 1.297 unwichtig Dropbox Dropbox, Inc. 10.07.2012 1.4.7 wichtig Easy Migration Samsung Electronics Co., Ltd. 05.07.2012 1.0 muss nicht Edcast Standalone 3.37.2011 PCGraFix 17.09.2012 3.37.2011.1214 wichtig Energy Saver Advance B10.0309.1 GIGABYTE 07.04.2011 1.10.0000 wichtig EOS Camera Movie Record 0.3.1.1 Beta Chernov A.A. 03.09.2012 wichtig EPSON SX100 Series Printer Uninstall SEIKO EPSON Corporation 06.08.2012 wichtig ESN Sonar ESN Social Software AB 06.06.2012 0.70.4 wichtig Etron USB3.0 Host Controller Etron Technology 06.07.2011 5,18MB 0.98 wichtig Facebook Desktop UNKNOWN 02.01.2012 0.84 muss nicht Facebook Video Calling 1.2.0.159 Skype Limited 22.03.2012 4,76MB 1.2.159 wichtig ffdshow [rev 2527] [2008-12-19] 25.02.2012 1.0 wichtig FileZilla Client 3.5.3 FileZilla Project 12.02.2012 16,5MB 3.5.3 wichtig FileZilla Server FileZilla Project 12.02.2012 3,65MB beta 0.9.40 wichtig Firebird SQL Server - MAGIX Edition MAGIX AG 30.10.2011 10,1MB 2.1.27.0 muss nicht Fraps (remove only) 20.04.2012 wichtig Google Earth Plug-in Google 18.11.2011 40,8MB 6.1.0.5001 wichtig Google Talk Plugin Google 13.10.2012 19,1MB 3.9.1.9832 wichtig GutscheinRausch.de - AddOn für Firefox GutscheinRausch.de 13.01.2012 1,51MB 2.81 muss nicht Half-Life 2 Valve 13.10.2012 wichtig Half-Life 2: Lost Coast Valve 13.10.2012 wichtig ICQ7.6 ICQ 07.11.2011 7.6 wichtig Intel(R) Control Center Intel Corporation 02.01.2012 1.2.1.1007 wichtig Intel(R) Management Engine Components Intel Corporation 02.01.2012 7.0.0.1118 wichtig iTunes Apple Inc. 20.09.2012 182MB 10.7.0.21 wichtig Java 7 Update 7 (64-bit) Oracle 13.10.2012 127MB 7.0.70 wichtig Java(TM) 6 Update 27 Oracle 22.10.2011 97,0MB 6.0.270 wenn 7 da ist könnne die doch weg oder? :D Java(TM) 6 Update 27 (64-bit) Oracle 22.10.2011 91,6MB 6.0.270 " Java(TM) 6 Update 37 Oracle 08.09.2012 95,7MB 6.0.370 " JDownloader 0.9 AppWork GmbH 02.01.2012 0.9 unbekannt KORES Print Designer 13.03.2012 muss nicht MAGIX Speed burnR MAGIX AG 30.10.2011 6.0.1.4 muss nicht Malwarebytes Anti-Malware Version 1.65.1.1000 Malwarebytes Corporation 18.10.2012 19,4MB 1.65.1.1000 wichtig Michas Jingle-Player 13.03.2012 muss nicht Microsoft .NET Framework 4 Client Profile Microsoft Corporation 02.01.2012 38,8MB 4.0.30320 wichtig Microsoft .NET Framework 4 Client Profile DEU Language Pack 07.04.2011 wichtig Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 02.01.2012 2,93MB 4.0.30320 zweimal? Microsoft .NET Framework 4 Extended Microsoft Corporation 21.08.2012 51,9MB 4.0.30319 wichtig Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 21.08.2012 10,6MB 4.0.30319 wichtig Microsoft LifeCam Microsoft Corporation 21.08.2012 33,2MB 3.60.253.0 wichtig Microsoft Office Professional Plus 2010 Microsoft Corporation 05.07.2012 14.0.6029.1000 wichtig Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 11.04.2011 1,72MB 3.1.0000 wichtig Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 24.01.2012 258KB 8.0.50727.4053 wichtig Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 17.05.2011 252KB 8.0.50727.4053 wichtig Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 22.09.2012 2,38MB 8.0.59193 wichtig Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 08.12.2011 708KB 8.0.61000 wichtig Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 13.04.2011 200KB 9.0.30729.4148 wichtig Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 15.04.2011 598KB 9.0.30729.5570 wichtig Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 19.04.2012 788KB 9.0.30729.4148 wichtig Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 20.04.2012 784KB 9.0.30729.6161 wichtig Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 22.09.2012 1,41MB 9.0.21022 wichtig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 23.12.2011 234KB 9.0.30729 wichtig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 07.04.2011 596KB 9.0.30729 wichtig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 19.04.2012 230KB 9.0.30729.4148 wichtig Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 600KB 9.0.30729.6161 wichtig Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 06.10.2011 13,8MB 10.0.40219 wichtig Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 06.10.2011 12,2MB 10.0.40219 wichtig Microsoft-Maus- und Tastatur-Center Microsoft Corporation 18.10.2012 2.0.161.0 wichtig Microsoft_VC80_ATL_x86 22.04.2012 unbekannt Microsoft_VC80_MFC_x86 22.04.2012 " Microsoft_VC80_MFCLOC_x86 22.04.2012 " Microsoft_VC90_ATL_x86 22.04.2012 " Mozilla Firefox 15.0.1 (x86 de) Mozilla 25.09.2012 38,4MB 15.0.1 unwichtig Mozilla Firefox 16.0.1 (x86 de) Mozilla 13.10.2012 38,5MB 16.0.1 wichtig Mozilla Maintenance Service Mozilla 13.10.2012 329KB 16.0.1 wichtig Mp3tag v2.52 Florian Heidenreich 01.08.2012 v2.52 wichtig MSXML 4.0 SP2 (KB954430) Microsoft Corporation 21.04.2011 1,27MB 4.20.9870.0 unbekannt MSXML 4.0 SP2 (KB973688) Microsoft Corporation 21.04.2011 1,33MB 4.20.9876.0 unbekannt Native Instruments Audio 2 DJ Driver 24.05.2012 kann weg, Update vorhanden Native Instruments Audio 2 DJ Driver Native Instruments 29.07.2012 wichtig Native Instruments Controller Editor 21.09.2012 wichtig Native Instruments Controller Editor Native Instruments 21.09.2012 zweimal? Native Instruments Service Center 24.05.2012 kann weg, Update vorhanden Native Instruments Service Center Native Instruments 29.07.2012 wichtig Native Instruments Traktor 2 29.07.2012 wichtig Native Instruments Traktor 2 Native Instruments 29.07.2012 zweimal? Native Instruments Traktor Kontrol S2 Driver 24.05.2012 wichtig Native Instruments Traktor Kontrol S2 Driver Native Instruments 29.07.2012 same again ... Nexon Game Manager 04.04.2012 unbekannt Norton Bootable Recovery Tool Wizard Symantec Corporation 20.04.2011 3.5.0.23 muss nicht Norton Internet Security Symantec Corporation 14.01.2012 19.8.0.14 wichtig NVIDIA 3D Vision Controller-Treiber 306.97 NVIDIA Corporation 13.10.2012 306.97 wichtig NVIDIA 3D Vision Treiber 306.97 NVIDIA Corporation 13.10.2012 306.97 wichtig NVIDIA Grafiktreiber 306.97 NVIDIA Corporation 13.10.2012 306.97 wichtig NVIDIA HD-Audiotreiber 1.3.18.0 NVIDIA Corporation 13.10.2012 1.3.18.0 wichtig NVIDIA PhysX-Systemsoftware 9.12.0604 NVIDIA Corporation 14.09.2012 9.12.0604 wichtig NVIDIA Update 1.10.8 NVIDIA Corporation 13.10.2012 1.10.8 wichtig OF Dragon Rising Codemasters 18.07.2011 1.00.0000 muss nicht ON_OFF Charge B11.0110.1 GIGABYTE 06.07.2011 1.00.0001 wichtig Oracle VM VirtualBox 4.1.16 Oracle Corporation 06.06.2012 139MB 4.1.16 wichtig Origin Electronic Arts, Inc. 05.04.2012 8.5.2.23 wichtig Overwolf Overwolf 02.09.2012 81,3MB 0.36.212 muss nicht Philips SPC710NC Webcam 02.01.2012 wichtig PhotoScape 19.08.2012 wichtig Portal Valve 02.01.2012 wichtig Portal 2 Valve 02.01.2012 wichtig PunkBuster Services Even Balance, Inc. 06.04.2012 0.991 wichtig QuickTime Apple Inc. 18.05.2012 73,2MB 7.72.80.56 wichtig Radio Toolbox www.radiotoolbox.com 05.01.2012 1.1.1 wichtig Realtek Ethernet Controller Driver Realtek 09.09.2011 7.46.610.2011 wichtig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 02.01.2012 6.0.1.6449 wichtig reFX Nexus VSTi RTAS v2.2.0 11.04.2011 wichtig Roxio Creator 2010 Pro Roxio 02.01.2012 3,34GB 12.0 wichtig Roxio PhotoShow Roxio 02.01.2012 6.0 wichtig Samsung Kies Samsung Electronics Co., Ltd. 04.05.2011 181MB 2.0.0.11044_11 unwichtig SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 02.01.2012 46,0MB 1.4.4.0 wichtig Sanctum 04.05.2012 wichtig Shoot Many Robots 04.05.2012 wichtig SHOUTcast DNAS (remove only) 02.01.2012 wichtig SHOUTcast DNAS Server v2 02.01.2012 wichtig simfy simfy AG 07.09.2012 1.6.10 wichtig Skype Click to Call Skype Technologies S.A. 29.03.2012 12,4MB 5.9.9216 muss nicht Skype™ 5.10 Skype Technologies S.A. 02.09.2012 19,4MB 5.10.116 wichtig Smart 6 B10.1221.1 GIGABYTE 06.07.2011 1.00.0000 wichtig Steam Valve Corporation 20.12.2011 35,4MB 1.0.0.0 wichtig Steinberg Cubase 5 Steinberg Media Technologies GmbH 08.04.2011 291MB 5.1.0 wichtig Steinberg Drum Loop Expansion 01 Steinberg Media Technologies GmbH 08.04.2011 424MB 1.0.0.1 wichtig Steinberg Groove Agent ONE Content Steinberg Media Technologies GmbH 08.04.2011 142MB 1.0.0.003 wichtig Steinberg HALionOne Steinberg Media Technologies GmbH 08.04.2011 387MB 1.1.0.457 wichtig Steinberg HALionOne Additional Content Set 01 Steinberg Media Technologies GmbH 08.04.2011 940MB 1.0.0.001 wichtig Steinberg HALionOne Expression Set Steinberg Media Technologies GmbH 08.04.2011 231MB 1.0.1.0 wichtig Steinberg HALionOne GM Drum Set Steinberg Media Technologies GmbH 08.04.2011 23,9MB 1.0.1.457 wichtig Steinberg HALionOne GM Set Steinberg Media Technologies GmbH 08.04.2011 63,6MB 1.0.1.457 wichtig Steinberg HALionOne Pro Set Steinberg Media Technologies GmbH 08.04.2011 123MB 1.0.1.457 wichtig Steinberg HALionOne Studio Drum Set Steinberg Media Technologies GmbH 08.04.2011 48,0MB 1.0.1.457 wichtig Steinberg HALionOne Studio Set Steinberg Media Technologies GmbH 08.04.2011 112MB 1.0.1.457 wichtig Steinberg LoopMash Content Steinberg Media Technologies GmbH 08.04.2011 612MB 1.0.0.005 wichtig Steinberg REVerence Content 01 Steinberg Media Technologies GmbH 08.04.2011 169MB 1.0.0.006 wichtig Synergy Synergy Development Team 13.10.2012 wichtig TeamSpeak 3 Client TeamSpeak Systems GmbH 06.09.2012 3.0.6 wichtig TeamViewer 7 TeamViewer 05.10.2012 7.0.14563 wichtig Text-To-Speech-Runtime Magix Development GmbH 09.10.2011 260KB 1.0.0.0 muss nicht UseNeXT Tangysoft Ltd. 09.07.2012 5,23MB wichtig VLC media player 2.0.3 VideoLAN 05.10.2012 2.0.3 wichtig VoiceOver Kit Apple Inc. 22.04.2012 41,7MB 1.42.128.0 muss nicht webcamXP 5 Moonware Studios 18.10.2012 5.5.1.5 wichtig Winamp Nullsoft, Inc 02.01.2012 5.621 wichtig Winamp Erkennungs-Plug-in Nullsoft, Inc 21.08.2011 75,0KB 1.0.0.1 wichtig Windows Live Anmelde-Assistent Microsoft Corporation 11.04.2011 1,93MB 5.000.818.5 muss nicht Windows Live Essentials Microsoft Corporation 02.01.2012 14.0.8117.0416 muss nicht Windows Live Sync Microsoft Corporation 11.04.2011 2,79MB 14.0.8117.416 muss nicht Windows Live-Uploadtool Microsoft Corporation 11.04.2011 224KB 14.0.8014.1029 muss nicht Windows Mobile-Gerätecenter 02.01.2012 wichtig WinRAR archiver 02.01.2012 wichtig World of Tanks v.0.6.7 Wargaming.net 22.11.2011 muss nicht XSplit SplitMediaLabs 04.09.2012 92,1MB 1.1.1209.0401 wichtig Your Uninstaller! 2010 URSoft, Inc. 31.08.2011 10,7MB 7.0 wichtig µTorrent BitTorrent Inc. 16.09.2012 3.2.0 wichtig |
|
| Themen zu Sobald ich einen Browser öffne wir mein Internet extrem langsam |
| ahnung, browser, explorer, extrem, extrem langsam, inter, interne, internet, internet explorer, langsam, sobald, titel |
Linear-Darstellung
