| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: dieses programm kann die webseite nicht anzeigen win7 home 64 bitWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.10.2012, 16:45
| #1 |
 |  dieses programm kann die webseite nicht anzeigen win7 home 64 bit Liebe Helfer!  Ich habe win7 home 64 bit mit mehreren Konten. 1 Admin 4 standard benutzer. Beim Öffnen eines der standard Benutzerkonnten bekomme ich nach dem Anmelden folgende Fehlermeldung "dieses programm kann die webseite nicht anzeigen" Es füllt den gesamten Bildschirm aus und ich kann nichts mehr machen. Ich arbeite nun aus dem Admin Konto hier funktioniert alles einwandfrei. Ich habe schon " Malwarebytes Anti-Malware ", AVAST und Spyware Terminator 2012 durchlaufen lassen. Es wurde das eine oder andere gefunden, hat aber nicht das obige Problem beseitigt. Nun habe ich den ohne Probleme den Defogger laufen lassen und disabled. Nun lasse ich den OTL scan laufen. |
|
04.10.2012, 16:53
| #2 |
| /// TB-Ausbilder   | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Lass OTL laufen und poste die beiden Logdateien hier in dein Thema.  |
|
04.10.2012, 17:16
| #3 |
| | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Hier ist der OTL txtOTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 04.10.2012 17:48:45 - Run 1 OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Jan\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,93 Gb Total Physical Memory | 3,89 Gb Available Physical Memory | 65,52% Memory free 11,87 Gb Paging File | 9,73 Gb Available in Paging File | 81,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 550,62 Gb Total Space | 228,88 Gb Free Space | 41,57% Space Free | Partition Type: NTFS Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe PRC - [2012.10.04 17:00:16 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Downloads\Defogger.exe PRC - [2012.09.23 10:50:14 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2012.09.23 10:50:12 | 001,737,728 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2012.09.07 01:57:30 | 003,673,808 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe PRC - [2012.09.07 01:57:20 | 002,777,296 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.08.08 10:17:00 | 000,540,056 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.03.18 09:11:51 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe PRC - [2010.02.04 00:48:12 | 000,167,008 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe PRC - [2010.01.24 12:47:46 | 001,021,888 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe PRC - [2010.01.21 20:05:08 | 000,177,384 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe PRC - [2009.12.19 04:52:48 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe PRC - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe ========== Modules (No Company Name) ========== MOD - [2012.10.04 17:00:16 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Downloads\Defogger.exe MOD - [2012.09.25 11:42:58 | 000,460,312 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll MOD - [2012.09.25 11:42:57 | 012,278,808 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll MOD - [2012.09.25 11:42:55 | 004,005,912 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll MOD - [2012.09.25 11:41:39 | 000,578,072 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll MOD - [2012.09.25 11:41:38 | 000,123,416 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll MOD - [2012.09.25 11:41:27 | 000,156,712 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll MOD - [2012.09.25 11:41:26 | 000,275,496 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll MOD - [2012.09.25 11:41:24 | 002,168,360 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll MOD - [2012.01.16 21:06:32 | 000,577,621 | ---- | M] () -- C:\Program Files (x86)\Spyware Terminator\sqlite3.dll MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.03.18 09:11:51 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2009.12.19 04:52:48 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe MOD - [2009.12.19 04:51:18 | 000,133,024 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll MOD - [2009.12.19 04:50:38 | 000,161,696 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll ========== Services (SafeList) ========== SRV:64bit: - [2010.05.05 17:25:52 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.09.23 10:50:12 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2012.09.07 01:57:38 | 001,148,664 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc) SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.12 11:04:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate) SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.07.22 15:26:40 | 000,690,472 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.12 18:15:24 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.12.30 08:27:00 | 000,069,568 | ---- | M] (Lenovo) [Auto | Running] -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe -- (Slidebar Notifier Service) SRV - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2009.11.17 17:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc) SRV - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc) SRV - [2009.07.16 20:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP) SRV - [2009.07.15 07:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2009.07.15 07:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.16 19:18:56 | 000,199,752 | ---- | M] (1&1 Mail & Media GmbH) [File_System | System | Running] -- C:\Windows\SysNative\drivers\uigxrdr.SYS -- (uigxrdr) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.07.13 14:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:64bit: - [2011.07.13 14:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:64bit: - [2011.06.19 17:02:25 | 000,125,440 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv07.sys -- (acedrv07) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.03 12:47:01 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.05.05 18:06:04 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.05.05 16:31:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.05.03 13:19:40 | 000,317,488 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.03.26 09:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2010.02.05 19:20:32 | 000,056,688 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam.sys -- (JmUsbVideo) DRV:64bit: - [2010.02.05 18:51:30 | 000,031,088 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam_lo.sys -- (JmUsbVideo2) DRV:64bit: - [2010.02.05 17:23:40 | 000,017,904 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp) DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2010.01.15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr) DRV:64bit: - [2010.01.15 02:51:20 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010.01.15 02:51:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010.01.15 02:51:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.12.14 10:03:50 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2009.11.20 17:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.11.06 14:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.10.19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC) DRV:64bit: - [2009.10.16 05:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.08.21 10:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2009.07.16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror) DRV:64bit: - [2009.07.16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0) DRV:64bit: - [2009.07.16 04:31:24 | 001,383,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atinavrr.sys -- (ATIAVPCI) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.04.07 08:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2008.08.06 14:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2011.03.03 12:47:14 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys -- (Lavasoft Kernexplorer) DRV - [2010.01.21 20:05:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/08/12 13:15:18] [Kernel | Auto | Running] -- C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=FCF7DA51-8231-4B97-B14E-D52AA13A310E&apn_sauid=5901B2D2-58E6-4B6B-A8A1-B9D637A0E3DD IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - homepage: Google CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: Google CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\ CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (MP3Bar) - {F6BD6330-76F8-44d9-B775-87614E2D8374} - C:\Program Files (x86)\Fiesta Download Manager\mp3bar.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (MP3Bar) - {F6BD6330-76F8-44D9-B775-87614E2D8374} - C:\Program Files (x86)\Fiesta Download Manager\mp3bar.dll () O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com) O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com) O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo) O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo) O4 - HKLM..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~2\MuteSync.exe (Lenovo) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: &MP3Bar - C:\Program Files (x86)\Fiesta Download Manager\mp3bar.dll () O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: &MP3Bar - C:\Program Files (x86)\Fiesta Download Manager\mp3bar.dll () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mia.bt.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Unable to open value key) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06722159-FF20-46B1-A2BD-3AD4D81DC868}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FA392A3-8BFA-441B-86A4-155291E091C8}: DhcpNameServer = 60.2.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{ba620125-a611-11df-a4fc-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{ba620125-a611-11df-a4fc-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.04 17:02:28 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2012.10.04 10:59:46 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\{D3BD5893-9AC7-48E4-8652-CCEBDD14425B} [2012.10.04 10:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\adawarebp [2012.10.04 10:25:27 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\LavasoftStatistics [2012.10.04 10:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars [2012.10.04 10:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb [2012.10.03 23:20:35 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes [2012.10.03 23:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.03 23:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.03 23:20:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012.10.03 23:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.03 22:28:19 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys [2012.10.03 22:28:18 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Spyware Terminator [2012.10.03 22:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator [2012.10.03 22:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012 [2012.10.03 22:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator [2012.10.03 21:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\klbufxxvvhtvhnf [2012.09.27 11:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [2012.09.27 11:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.09.27 11:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.04 17:40:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012.10.04 17:37:00 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.04 17:13:21 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2012.10.04 17:01:03 | 000,000,000 | ---- | M] () -- C:\Users\Jan\defogger_reenable [2012.10.04 16:59:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job [2012.10.04 16:43:46 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.04 16:41:25 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.04 16:41:25 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.04 16:32:52 | 000,000,408 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job [2012.10.04 16:31:51 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat [2012.10.04 11:55:17 | 483,835,903 | -HS- | M] () -- C:\hiberfil.sys [2012.10.04 10:59:00 | 000,001,068 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job [2012.10.04 10:14:44 | 000,002,478 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk [2012.10.04 10:13:00 | 000,001,060 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job [2012.10.04 10:07:05 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat [2012.10.04 10:07:05 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat [2012.10.03 23:20:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys [2012.10.03 22:28:15 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk [2012.10.03 21:37:44 | 000,076,359 | ---- | M] () -- C:\ProgramData\lllzwmpyjsqgsyt [2012.10.03 21:37:39 | 000,105,984 | ---- | M] () -- C:\ProgramData\bgbotadh.exe [2012.10.02 18:26:57 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012.10.02 18:26:57 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2012.10.02 18:26:57 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012.10.02 18:26:57 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2012.10.02 18:26:57 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012.10.01 11:41:58 | 624,797,340 | ---- | M] () -- C:\windows\MEMORY.DMP [2012.09.27 11:33:40 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.04 17:01:03 | 000,000,000 | ---- | C] () -- C:\Users\Jan\defogger_reenable [2012.10.04 16:32:51 | 000,000,408 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job [2012.10.03 23:20:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.03 22:28:15 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk [2012.10.03 21:37:43 | 000,105,984 | ---- | C] () -- C:\ProgramData\bgbotadh.exe [2012.10.03 21:37:40 | 000,076,359 | ---- | C] () -- C:\ProgramData\lllzwmpyjsqgsyt [2012.09.27 11:33:40 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.23 12:13:50 | 624,797,340 | ---- | C] () -- C:\windows\MEMORY.DMP [2012.07.18 23:05:05 | 004,503,728 | ---- | C] () -- C:\ProgramData\pmt_0piot.pad [2012.07.15 10:30:32 | 000,000,017 | ---- | C] () -- C:\Users\Jan\AppData\Local\resmon.resmoncfg [2012.07.14 16:49:10 | 000,006,631 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\.freeciv-client-rc-2.3 [2012.04.12 09:05:36 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat [2011.06.24 16:04:23 | 000,000,218 | ---- | C] () -- C:\Users\Jan\.recently-used.xbel [2011.06.22 18:20:24 | 000,000,200 | ---- | C] () -- C:\Users\Jan\Goya.ini [2011.06.22 18:19:59 | 000,000,046 | ---- | C] () -- C:\windows\Goya.INI [2011.06.19 11:40:22 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\AV32UID.DAT [2011.06.18 23:07:11 | 000,000,000 | ---- | C] () -- C:\windows\MusicMaker.INI [2011.06.18 21:48:08 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\acedrv07.dll [2011.06.18 21:27:56 | 000,010,240 | ---- | C] () -- C:\windows\SysWow64\vidx16.dll [2011.06.18 21:25:39 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\mgxasio2.dll [2011.06.18 21:18:50 | 000,006,537 | ---- | C] () -- C:\windows\mgxoschk.ini [2011.05.15 19:26:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.04.20 17:31:59 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat [2011.04.20 17:31:59 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat [2011.03.23 22:58:03 | 001,527,912 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011.03.03 19:51:07 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini [2011.02.26 15:52:36 | 000,000,783 | ---- | C] () -- C:\ProgramData\profile.xml ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.07.14 14:32:06 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Ad-Aware Antivirus [2012.01.03 16:51:56 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\AllDup [2011.09.16 12:03:54 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Amazon [2011.02.26 15:52:12 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\ArcSyncConfig [2011.02.26 21:02:19 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Canneverbe Limited [2012.07.14 13:27:42 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Dropbox [2012.01.21 18:38:58 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoft [2012.01.21 18:38:53 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers [2012.07.08 18:29:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\elsterformular [2011.08.19 20:41:40 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\GARMIN [2011.06.24 16:03:58 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\gtk-2.0 [2011.02.26 16:48:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\KeePass [2011.02.26 15:54:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Lenovo [2011.06.22 18:32:05 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\MAGIX [2011.12.04 19:25:10 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OpenCandy [2012.06.19 16:31:42 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\SoftGrid Client [2012.10.03 22:28:18 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Spyware Terminator [2011.03.23 22:58:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TP ========== Purity Check ========== < End of report > Oh super lieber Matthias - herzlichen Dank daß Du da bist.  Wo finde ich nun die zweite Datei Extra.txt ? Das Tool hast sich von selbst geschlossen... Sorry da war noch ein Fenster dahinter:OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.10.2012 17:48:45 - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Jan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,93 Gb Total Physical Memory | 3,89 Gb Available Physical Memory | 65,52% Memory free
11,87 Gb Paging File | 9,73 Gb Available in Paging File | 81,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 550,62 Gb Total Space | 228,88 Gb Free Space | 41,57% Space Free | Partition Type: NTFS
Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS
Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06A2CD4C-191D-42EA-BA2A-081754EE1912}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B56E26A-B4B4-49DF-8D5C-195429BF46BD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{278C55FC-930C-4F9D-B6E3-E7E13B7DEEE6}" = rport=137 | protocol=17 | dir=out | app=system |
"{2E2D2420-E602-4667-AC7F-FCC1C6291925}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3129F9FD-38DD-4CDB-87AD-B4783D12875D}" = rport=138 | protocol=17 | dir=out | app=system |
"{3938C8DA-8829-48D2-9CB6-81C3D18F35AB}" = lport=137 | protocol=17 | dir=in | app=system |
"{3993FB93-D958-435F-B2A0-C35F109B4F01}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3AA82262-21BF-458E-80AE-6A8D264A9DDC}" = lport=138 | protocol=17 | dir=in | app=system |
"{4CD838BB-EE10-4885-BBF7-240D670E8242}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{590D2B42-3033-4C31-A66A-2BDE1474810A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{5C273F80-189E-43BA-AF34-0F4348F75450}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E31F651-729A-46C9-BB97-4EF6019D7394}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D1977F5-5C72-46A3-A606-C6340DEDC4E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84F86885-C7B5-4E04-91F8-94BB5BCFE897}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{854532CF-836C-4100-9281-7A77CCB6D14A}" = lport=445 | protocol=6 | dir=in | app=system |
"{9327EE23-189C-48ED-85A3-9C9DB1E761F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1560F0C-EC8B-40DA-A9A3-05CE38A2F860}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A57B87DE-8B48-4BB4-ADE2-DFB9060F5183}" = rport=139 | protocol=6 | dir=out | app=system |
"{A76805BB-2FEE-4A4A-A234-273BF4909ABC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A91BAE25-F6C0-4A9B-B21D-BB519D7356CC}" = lport=139 | protocol=6 | dir=in | app=system |
"{B89C10B2-2B0F-4DB8-B001-70A9430BA00A}" = rport=445 | protocol=6 | dir=out | app=system |
"{C046CBCE-8B18-4C78-B6FD-932243D0E9B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB5CA2D1-9276-45AE-9A0E-4BC819D57DBB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D3BD9A0E-DB26-47DE-B578-883DF2DDE38D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9032A42-DB3B-4322-AD2C-536034D7F228}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E08B3DB6-489E-41F6-9740-D2D5299C0821}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EBA599D9-8F5A-450D-A2D0-DEF68C5EFEF6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F8149C99-94F7-460E-A259-75A99AC7AEB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015CE07C-CCB0-4E36-944A-14DE97EEC01C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{03472033-611F-4767-AE3E-DCC526E80553}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\playmovie.exe |
"{0782ED6F-9AC4-42A0-A2F7-FE8F7481306E}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{16AD594F-BF4B-424C-9079-78C0449DDCBA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{326370D1-EBF1-440A-977C-A3BDCFD77434}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3C678971-6775-441B-AD4E-AEAA456A0426}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{41E15F97-3AC3-41F3-A16C-6735EA1FA611}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{49B5C86E-AACF-45F0-B4E6-9C4E45AEE617}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4EC451FE-F92C-41D9-AAF3-C31E755399D7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4EDA282F-C97D-43AF-BF8A-0E27155E84F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{524BCCD2-5B31-4DD4-866D-BE81EFBC5F6D}" = dir=in | app=c:\windows\system32\igrssvcs.exe |
"{55DF5AE8-D02C-4A45-91EA-207374D433FA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5639874F-D477-42A2-92C8-6CB906373A96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E2B415C-BC45-440D-AC0F-BD9E60A6CA7E}" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"{65A9B5B8-B818-48C1-AD80-FDB0B2FD0C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65B99C60-96DD-4C30-A6C0-CD62646CB663}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{6648B268-6853-4028-98A5-217158849B24}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{67B5FA16-E18C-41BF-81B1-9289DBE457C8}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{712848A1-5DAD-4C3D-B716-FAC29A491BB2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{743D4E2D-94F9-4DFF-A1D3-E613508EB7C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7566229C-13DC-480A-8D0C-75612CB577FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{78E6A186-9F79-404E-9BB6-C29A93591D3E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{7CC40C5E-75C0-4BDF-9EAE-B4AD3FA1DA39}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D4F8BDE-D008-41B6-9D80-A7896F6C9CC8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7D760158-9944-4C32-AE23-88464B4594E5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8330347D-DD07-4EAA-B2E0-2B4DABD42C50}" = dir=out | app=c:\windows\system32\igrssvcs.exe |
"{86F169F7-5652-443F-88E3-B8384C5A7003}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{88B2B54B-8604-4E85-9621-38804469188E}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{8C41C7A8-8C8A-4BEC-8B3D-F05EB937F1D9}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{8C7D3D97-E73E-4C59-9576-64F659D396A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{92B01DD7-846A-4059-A5ED-B195CA7832ED}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{97AA661E-C2F1-49CF-9878-A946CF973D85}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{97FDBA51-C4FE-4463-B2A5-273B85EAA0A5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9C8E10AC-9BE6-43BB-8145-BD7A76721ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9D4FB561-4C4C-4950-B4AC-2E6CB53BA479}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ABEF77FD-802A-40C6-9305-C053D4EFD129}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE9C0479-4301-4A2C-9E57-B40927E1AB0B}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{B3B6AA24-0B74-4DB3-BFFC-D93B1D2B89A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BA917D03-7EA3-4CFC-9A1A-FFCE3EC0C322}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BAFDF678-CD36-4C9E-956E-C53285F85DEB}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{BEF600C0-8EF5-4292-993F-EB6958633647}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\pmvservice.exe |
"{C6472E23-9528-4D20-8396-4349A7C62598}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C840818B-6022-483B-84CF-6B8E27EB48D5}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{CA34795B-1985-4CB4-A848-C916DC83243C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CC60A25C-B73B-48CB-A912-99D525264568}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3175696-A7A9-462A-B5EA-970E896B5BA4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D515B09D-C7EA-45B0-8A06-891AE6B85E19}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{DC81BE8C-BE00-4A3E-A4D5-DC4ADAF608EC}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{E0A1797F-B59D-4FA9-950F-E35863FDE2AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E86F62AE-4AB1-4C15-BB7E-3E84A35D2AB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E92A6133-30B1-47AB-B264-767D30E5CBC4}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{EC8F43CE-303D-4517-93D1-C0C954FD0629}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{EE35BF52-DBD2-40F4-BE63-A658C33F2316}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{F009F8E5-0B14-43B0-9BB8-97FF822AB6B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{F23B3ABC-E5FA-467B-BC96-9A8C14EE2963}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{FA409F6A-DD32-4C27-B433-F26468324CB2}" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"{FD902B70-3F0F-4090-ABE3-56845EDDC540}" = protocol=6 | dir=out | app=system |
"TCP Query User{0CCC8848-D238-4711-8878-E2422C09AC58}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{17119520-1254-429B-8E93-FB4C2307E95C}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=6 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe |
"TCP Query User{31EA19B2-2240-4592-87BF-7701081B1873}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{32212F9C-2A40-465F-A786-41F5C38544FA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{3604CFB1-D7C8-40A2-993B-B7230BEB47F3}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe |
"TCP Query User{36212708-32F3-485E-A246-2A7F1283634A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{5C6DD1B1-2755-44DC-9807-7A9B5752B115}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{6B2BA6D8-4751-400B-82AD-D4A7B478F32B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{D41AE055-D140-4567-9956-B780FD980510}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{175BD25B-3E7C-405D-88A1-3AEAAF56CCEB}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{6C8237C5-088B-49E3-95D5-BAABA1D0245F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{79366E6A-F8B2-4436-9812-D18F6B8904C6}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{89A77771-4F8C-418C-99D9-DC0C77EDC526}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe |
"UDP Query User{A2232FFC-1341-44E2-A9DE-E37AD6997372}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{A2BAEE41-242E-4C17-B224-A308BF99E51F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{C4B0298C-C8F2-4C24-95F2-0DBADDFD0CC3}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=17 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe |
"UDP Query User{CBEF827F-644D-4C82-974F-4BF1F8EC2E0F}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D20BFE61-B8DA-421D-A143-E851B9C96060}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{793C0787-9638-9FCA-E424-D30FB5E5A752}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C0DD912A-04BB-7012-EDC7-7D550893437E}" = ccc-utility64
"{CF29845C-705E-4450-A3FF-1D4754455AB9}" = Hybrid TV
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"CCleaner" = CCleaner
"DF9F23E360B18E10871A49C3BC1AEDA269B8E0E2" = Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA (07/16/2009 6.14.10.373)
"DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{03AF6BF4-D234-1D9C-ED0F-568354B2A852}" = Catalyst Control Center Core Implementation
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{061034DA-ED68-4BDD-ACB9-4D0C6F90878F}" = MAGIX Music Maker 17 Trial (Soundpaket)
"{06FF834F-B3A1-8329-B228-EE357A584D70}" = CCC Help Greek
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{1226C38C-55A1-FDC4-CF37-2D5681173B34}" = CCC Help Finnish
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{19B084B8-8B95-9D62-A855-EBD890711489}" = Catalyst Control Center Graphics Light
"{1C98779A-56B1-AB70-0059-E6378B24EA66}" = CCC Help Korean
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212D3D92-9FCC-EDDA-FFE4-426FE49030C5}" = Catalyst Control Center Graphics Full New
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{307702F6-FD2C-484A-8F2E-A1DCE85FD9CC}_is1" = 2weistein
"{330EBB01-9183-F56F-F9C9-CA20DD078234}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B233580-C1A3-B02F-93FC-48AC12905962}" = Catalyst Control Center InstallProxy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F7F9151-03DF-AA1E-6E2A-5FF7887F2FC7}" = CCC Help French
"{4162E4B4-DB62-4719-9921-A59B2671C1CB}" = Nero Recode 11
"{444D37B2-074E-5691-2B45-C02798972D32}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1" = Machinarium
"{4E9DC986-7FC9-36BD-3C72-1B516F4F56C8}" = CCC Help Thai
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{575B376D-0FDB-6046-4A04-9AD21BA578E4}" = CCC Help Polish
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5885739F-97FF-4907-AC74-065515FFAFF0}" = Catalyst Control Center - Branding
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{676482CF-ACEC-2EC6-29DE-BE3EB6AD829A}" = CCC Help Italian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7388E582-8139-0498-7D38-98CE054A5553}" = CCC Help Norwegian
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7865FE7A-60F5-9909-1E82-758B2F7F214B}" = Catalyst Control Center Graphics Previews Vista
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.6.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8708B14E-C6E7-0069-2FCE-80DD0D99E8AF}" = CCC Help Turkish
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9453ED84-747C-DCB4-03D3-8D6DDB7D37AA}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}" = Nero Burning ROM 11
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AB47C549-E7D0-0093-2213-CDE2F49ED170}" = CCC Help Portuguese
"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BB7DF440-DD8D-805A-2692-B196282338B9}" = CCC Help Spanish
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C01D45AF-5BB5-085E-66BD-809952B65E29}" = CCC Help Czech
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C818D1A1-0E4E-354D-AD70-7A026585DE80}" = CCC Help Russian
"{CBE7C598-6525-54B3-7BAB-1C0FD28CB58A}" = CCC Help German
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFE383C3-6877-AD3C-14CC-F6F1EBA3468B}" = CCC Help English
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DB6F1190-E0EE-4037-2B18-3E60D2D4C68D}" = Catalyst Control Center Graphics Full Existing
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF24EF87-0BDA-D8E7-71C0-AAAE928317DF}" = CCC Help Dutch
"{DFA154FD-9089-4E90-1236-E2BD6741B256}" = CCC Help Swedish
"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater
"{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}" = MAGIX Screenshare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E52F8D95-AEB5-3B67-879C-C59DF8AF88EE}" = Google Talk Plugin
"{E89BAE75-3446-43BA-B180-7F11692A9778}" = nero.prerequisites.msi
"{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}" = Nero 11
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{ED731DBB-37A3-54A3-3288-5A8A189BBE93}" = ccc-core-static
"{EDC5A04C-27E3-F9A1-C225-E826890A4CE7}" = CCC Help Japanese
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18357C8-C4D9-718C-65F4-98227EDF00D9}" = Catalyst Control Center Localization All
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F335B24B-0159-3C5D-DCCE-0E2ECD625166}" = CCC Help Danish
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F5608FF7-17C0-440A-80C7-29C48363BD87}" = Lenovo EasyCamera
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Ad-Aware" = Ad-Aware
"adawaretb" = Ad-Aware Security Add-on
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"AllDup_is1" = AllDup 3.3.20
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ElsterFormular für Privatanwender 12.3.2.6814p" = ElsterFormular für Privatanwender
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"F-Manager" = Fiesta Download Manager
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.10.722
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Freeciv-2.3.1-gtk2" = Freeciv 2.3.1 (GTK+ client)
"GMX Upload-Manager" = GMX Upload-Manager
"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"Karlsson" = Karlsson
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.14
"Lenovo SlideNav2" = Lenovo SlideNav
"Lenovo SplitScreen" = Lenovo SplitScreen
"MAGIX Music Maker 16 Premium D" = MAGIX Music Maker 16 Premium
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"SopCast" = SopCast 3.3.2
"Unknown Horizons" = Unknown Horizons
"VLC media player" = VLC media player 1.1.7
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.09.2012 13:00:02 | Computer Name = superhirn | Source = Windows Backup | ID = 4103
Description =
Error - 30.09.2012 16:18:08 | Computer Name = superhirn | Source = Application Hang | ID = 1002
Description = Programm hardcopy.exe, Version 2011.7.2.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 780 Startzeit:
01cd9f486b0e9e45 Endzeit: 15 Anwendungspfad: C:\Program Files (x86)\Hardcopy\hardcopy.exe
Berichts-ID:
e5fab153-0b3b-11e2-a821-c80aa9f6e46e
Error - 01.10.2012 16:14:34 | Computer Name = superhirn | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,
Zeitstempel: 0x503723f6 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x86c Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 9d8e1df8-0c04-11e2-9212-c80aa9f6e46e
Error - 01.10.2012 16:14:37 | Computer Name = superhirn | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,
Zeitstempel: 0x503723f6 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000028 Fehleroffset: 0x0009087d ID des fehlerhaften
Prozesses: 0x86c Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\windows\SysWOW64\ntdll.dll Berichtskennung: 9f496906-0c04-11e2-9212-c80aa9f6e46e
Error - 03.10.2012 11:38:16 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 03.10.2012 20:15:40 | Computer Name = superhirn | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error - 03.10.2012 20:19:25 | Computer Name = superhirn | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Nero\Nero 11\nero recode\NeroBRServer.exe.Manifest". Die abhängige Assemblierung
"ACME,processorArchitecture="x86",type="win32",version="11.0.0.0"" konnte nicht
gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error - 03.10.2012 20:20:11 | Computer Name = superhirn | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Nero\Nero 11\nero waveeditor\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "c:\program files (x86)\Nero\Nero 11\nero waveeditor\SMC\SMC.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: SMC,processorArchitecture="x86",type="win32",version="8.1.0.0".
Definition:
SMC,processorArchitecture="x86",type="win32",version="8.0.0.0". Verwenden Sie das
Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 04.10.2012 04:07:23 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 04.10.2012 04:25:07 | Computer Name = superhirn | Source = MsiInstaller | ID = 11706
Description =
[ Media Center Events ]
Error - 09.09.2012 17:12:42 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 23:12:42 - Fehler beim Herstellen der Internetverbindung. 23:12:42
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 17:12:52 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 23:12:47 - Fehler beim Herstellen der Internetverbindung. 23:12:47
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 18:12:57 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 00:12:57 - Fehler beim Herstellen der Internetverbindung. 00:12:57
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 18:13:07 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 00:13:02 - Fehler beim Herstellen der Internetverbindung. 00:13:02
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 19:13:12 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 01:13:12 - Fehler beim Herstellen der Internetverbindung. 01:13:12
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 19:13:22 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 01:13:17 - Fehler beim Herstellen der Internetverbindung. 01:13:17
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 01:35:50 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 07:35:47 - Fehler beim Herstellen der Internetverbindung. 07:35:50
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 02:21:53 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 07:36:01 - Fehler beim Herstellen der Internetverbindung. 07:36:01
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 03:21:41 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 09:21:40 - Fehler beim Herstellen der Internetverbindung. 09:21:41
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 03:21:59 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 09:21:46 - Fehler beim Herstellen der Internetverbindung. 09:21:46
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 04.10.2012 05:18:16 | Computer Name = superhirn | Source = DCOM | ID = 10016
Description =
Error - 04.10.2012 05:18:16 | Computer Name = superhirn | Source = DCOM | ID = 10016
Description =
Error - 04.10.2012 05:18:16 | Computer Name = superhirn | Source = DCOM | ID = 10016
Description =
Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016
Description =
Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016
Description =
Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016
Description =
Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016
Description =
Error - 04.10.2012 05:19:14 | Computer Name = superhirn | Source = DCOM | ID = 10016
Description =
Error - 04.10.2012 10:32:59 | Computer Name = superhirn | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07
Error - 04.10.2012 10:35:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
< End of report >
|
|
04.10.2012, 18:34
| #4 |
| /// TB-Ausbilder | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Servus, ich brauche noch mehr Informationen, da du die Suche mit deinem OTL-Scan eingeschränkt hast. Alle Anweisungen genau lesen! So gehts weiter: Schritt 1 Ich sehe das Du sogenannte Registry Cleaner am System hast. In deinem Fall CCleaner und Eusing Free Registry Cleaner. Wir empfehlen auf keinen Fall jegliche Art von Registry Cleaner. Der Grund ist ganz einfach: Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich. Wir lesen oft genug von Hilfesuchenden, dass deren System nach der Nutzung von Registry Cleanern nicht mehr booted.
Zerstörst Du die Registry, zerstörst Du Windows. Ich empfehle Dir hiermit die oben genannte Software zu deinstallieren und in Zukunft auf solche Art von Software zu verzichten. Schritt 2
Schritt 3
Code:
ATTFilter activex
netsvcs
msconfig
drivers32
safebootminimal
safebootnetwork
CREATERESTOREPOINT
Schritt 4 Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop.
Klicke den Re-enable Button nicht ohne Anweisung. Schritt 5 Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit. Schritt 6 Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
05.10.2012, 11:22
| #5 |
| | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Herzlichen Dank lieber M-K-D-B  1. Schritt - registry cleaner gelöscht (wie löscht man dann all die windows temp Dateien die im Laufe der Zeit so auflaufen ... sind manchmal Gb?) 2. Schritt - den Sopcast Ask Toolbar konnte ich nicht löschen ... falsch installiert? 3. Schritt hier kommen nun die OTL Dateien:OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.10.2012 10:56:38 - Run 2 OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Jan\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,93 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 85,66% Memory free 11,87 Gb Paging File | 11,09 Gb Available in Paging File | 93,49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 550,62 Gb Total Space | 228,93 Gb Free Space | 41,58% Space Free | Partition Type: NTFS Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe PRC - [2012.09.23 10:50:14 | 001,191,768 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2012.09.23 10:50:12 | 001,737,728 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2011.06.22 11:59:04 | 001,101,960 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2010.05.05 17:25:52 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.09.23 10:50:12 | 001,737,728 | ---- | M] (Lavasoft Limited ) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2012.09.07 01:57:38 | 001,148,664 | ---- | M] (Crawler.com) [Auto | Stopped] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc) SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.12 11:04:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate) SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.07.22 15:26:40 | 000,690,472 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.12 18:15:24 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.12.30 08:27:00 | 000,069,568 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe -- (Slidebar Notifier Service) SRV - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2009.11.17 17:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc) SRV - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc) SRV - [2009.07.16 20:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP) SRV - [2009.07.15 07:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2009.07.15 07:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.16 19:18:56 | 000,199,752 | ---- | M] (1&1 Mail & Media GmbH) [File_System | System | Running] -- C:\Windows\SysNative\drivers\uigxrdr.SYS -- (uigxrdr) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.07.13 14:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:64bit: - [2011.07.13 14:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:64bit: - [2011.06.19 17:02:25 | 000,125,440 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv07.sys -- (acedrv07) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.03 12:47:01 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.05.05 18:06:04 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.05.05 16:31:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.05.03 13:19:40 | 000,317,488 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.03.26 09:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2010.02.05 19:20:32 | 000,056,688 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcam.sys -- (JmUsbVideo) DRV:64bit: - [2010.02.05 18:51:30 | 000,031,088 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcam_lo.sys -- (JmUsbVideo2) DRV:64bit: - [2010.02.05 17:23:40 | 000,017,904 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp) DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2010.01.15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr) DRV:64bit: - [2010.01.15 02:51:20 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010.01.15 02:51:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010.01.15 02:51:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.12.14 10:03:50 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2009.11.20 17:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.11.06 14:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.10.19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC) DRV:64bit: - [2009.10.16 05:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.08.21 10:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2009.07.16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror) DRV:64bit: - [2009.07.16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0) DRV:64bit: - [2009.07.16 04:31:24 | 001,383,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atinavrr.sys -- (ATIAVPCI) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.04.07 08:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2008.08.06 14:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2010.01.21 20:05:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/08/12 13:15:18] [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=FCF7DA51-8231-4B97-B14E-D52AA13A310E&apn_sauid=5901B2D2-58E6-4B6B-A8A1-B9D637A0E3DD IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms} IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: blekko (Enabled) CHR - default_search_provider: search_url = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\ CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll () O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com) O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com) O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo) O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo) O4 - HKLM..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~2\MuteSync.exe (Lenovo) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mia.bt.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Unable to open value key) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06722159-FF20-46B1-A2BD-3AD4D81DC868}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FA392A3-8BFA-441B-86A4-155291E091C8}: DhcpNameServer = 60.2.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{ba620125-a611-11df-a4fc-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{ba620125-a611-11df-a4fc-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP MsConfig:64bit - StartUpFolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.) MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: KeePass 2 PreLoad - hkey= - key= - File not found MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) MsConfig:64bit - StartUpReg: PDFPrint - hkey= - key= - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - StartUpReg: VeriFaceManager - hkey= - key= - File not found MsConfig:64bit - State: "bootini" - Reg Error: Unable to open variant key MsConfig:64bit - State: "startup" - Reg Error: Unable to open variant key MsConfig:64bit - State: "services" - Reg Error: Unable to open variant key Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: mcmscsvc - Service SafeBootMin:64bit: MCODS - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited ) SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: mcmscsvc - Service SafeBootNet:64bit: MCODS - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: MpfService - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited ) SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices CREATERESTOREPOINT Unable to start System Restore Service. Error code 1084 ========== Files/Folders - Created Within 30 Days ========== [2012.10.04 17:02:28 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2012.10.04 10:59:46 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\{D3BD5893-9AC7-48E4-8652-CCEBDD14425B} [2012.10.04 10:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\adawarebp [2012.10.04 10:25:27 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\LavasoftStatistics [2012.10.04 10:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars [2012.10.04 10:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb [2012.10.03 23:20:35 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes [2012.10.03 23:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.03 23:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.03 23:20:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012.10.03 23:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.03 22:28:19 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys [2012.10.03 22:28:18 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Spyware Terminator [2012.10.03 22:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator [2012.10.03 22:28:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012 [2012.10.03 22:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator [2012.10.03 21:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\klbufxxvvhtvhnf [2012.09.27 11:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [2012.09.27 11:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.09.27 11:33:39 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys [2012.09.27 11:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.09.23 10:53:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll [2012.09.23 10:53:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll [2012.09.23 10:53:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2012.09.23 10:53:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2012.09.23 10:53:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe [2012.09.23 10:53:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe [2012.09.23 10:53:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll [2012.09.23 10:53:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll [2012.09.23 10:53:04 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2012.09.23 10:53:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2012.09.23 10:53:03 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2012.09.23 10:53:03 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2012.09.23 10:53:00 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2012.09.23 10:53:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll [2012.09.23 10:52:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2012.09.13 22:40:35 | 009,232,584 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe [2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.09.12 11:15:24 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys [2012.09.12 11:15:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.05 10:30:50 | 000,000,408 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job [2012.10.05 10:30:31 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat [2012.10.05 10:30:24 | 483,835,903 | -HS- | M] () -- C:\hiberfil.sys [2012.10.04 21:40:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012.10.04 21:37:01 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.04 21:13:00 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job [2012.10.04 20:59:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2012.10.04 17:01:03 | 000,000,000 | ---- | M] () -- C:\Users\Jan\defogger_reenable [2012.10.04 17:00:16 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Desktop\Defogger.exe [2012.10.04 16:43:46 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.04 16:41:25 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.04 16:41:25 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.04 10:59:00 | 000,001,068 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job [2012.10.04 10:14:44 | 000,002,478 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk [2012.10.04 10:13:00 | 000,001,060 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job [2012.10.04 10:07:05 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat [2012.10.04 10:07:05 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat [2012.10.03 23:20:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys [2012.10.03 22:28:15 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk [2012.10.03 21:37:44 | 000,076,359 | ---- | M] () -- C:\ProgramData\lllzwmpyjsqgsyt [2012.10.03 21:37:39 | 000,105,984 | ---- | M] () -- C:\ProgramData\bgbotadh.exe [2012.10.02 18:26:57 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012.10.02 18:26:57 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2012.10.02 18:26:57 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012.10.02 18:26:57 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2012.10.02 18:26:57 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012.10.01 11:41:58 | 624,797,340 | ---- | M] () -- C:\windows\MEMORY.DMP [2012.09.27 11:33:40 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.13 22:40:44 | 009,232,584 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.05 10:46:34 | 000,050,477 | ---- | C] () -- C:\Users\Jan\Desktop\Defogger.exe [2012.10.04 17:01:03 | 000,000,000 | ---- | C] () -- C:\Users\Jan\defogger_reenable [2012.10.04 16:32:51 | 000,000,408 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job [2012.10.03 23:20:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.03 22:28:15 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk [2012.10.03 21:37:43 | 000,105,984 | ---- | C] () -- C:\ProgramData\bgbotadh.exe [2012.10.03 21:37:40 | 000,076,359 | ---- | C] () -- C:\ProgramData\lllzwmpyjsqgsyt [2012.09.27 11:33:40 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.23 12:13:50 | 624,797,340 | ---- | C] () -- C:\windows\MEMORY.DMP [2012.07.18 23:05:05 | 004,503,728 | ---- | C] () -- C:\ProgramData\pmt_0piot.pad [2012.07.15 10:30:32 | 000,000,017 | ---- | C] () -- C:\Users\Jan\AppData\Local\resmon.resmoncfg [2012.07.14 16:49:10 | 000,006,631 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\.freeciv-client-rc-2.3 [2012.04.12 09:05:36 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat [2011.06.24 16:04:23 | 000,000,218 | ---- | C] () -- C:\Users\Jan\.recently-used.xbel [2011.06.22 18:20:24 | 000,000,200 | ---- | C] () -- C:\Users\Jan\Goya.ini [2011.06.22 18:19:59 | 000,000,046 | ---- | C] () -- C:\windows\Goya.INI [2011.06.19 11:40:22 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\AV32UID.DAT [2011.06.18 23:07:11 | 000,000,000 | ---- | C] () -- C:\windows\MusicMaker.INI [2011.06.18 21:48:08 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\acedrv07.dll [2011.06.18 21:27:56 | 000,010,240 | ---- | C] () -- C:\windows\SysWow64\vidx16.dll [2011.06.18 21:25:39 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\mgxasio2.dll [2011.06.18 21:18:50 | 000,006,537 | ---- | C] () -- C:\windows\mgxoschk.ini [2011.05.15 19:26:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.04.20 17:31:59 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat [2011.04.20 17:31:59 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat [2011.03.23 22:58:03 | 001,527,912 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011.03.03 19:51:07 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini [2011.02.26 15:52:36 | 000,000,783 | ---- | C] () -- C:\ProgramData\profile.xml ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
|
05.10.2012, 11:24
| #6 |
| | dieses programm kann die webseite nicht anzeigen win7 home 64 bit OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 05.10.2012 10:56:38 - Run 2
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Jan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,93 Gb Total Physical Memory | 5,08 Gb Available Physical Memory | 85,66% Memory free
11,87 Gb Paging File | 11,09 Gb Available in Paging File | 93,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 550,62 Gb Total Space | 228,93 Gb Free Space | 41,58% Space Free | Partition Type: NTFS
Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS
Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06A2CD4C-191D-42EA-BA2A-081754EE1912}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B56E26A-B4B4-49DF-8D5C-195429BF46BD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{278C55FC-930C-4F9D-B6E3-E7E13B7DEEE6}" = rport=137 | protocol=17 | dir=out | app=system |
"{2E2D2420-E602-4667-AC7F-FCC1C6291925}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3129F9FD-38DD-4CDB-87AD-B4783D12875D}" = rport=138 | protocol=17 | dir=out | app=system |
"{3938C8DA-8829-48D2-9CB6-81C3D18F35AB}" = lport=137 | protocol=17 | dir=in | app=system |
"{3993FB93-D958-435F-B2A0-C35F109B4F01}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3AA82262-21BF-458E-80AE-6A8D264A9DDC}" = lport=138 | protocol=17 | dir=in | app=system |
"{4CD838BB-EE10-4885-BBF7-240D670E8242}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{590D2B42-3033-4C31-A66A-2BDE1474810A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{5C273F80-189E-43BA-AF34-0F4348F75450}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E31F651-729A-46C9-BB97-4EF6019D7394}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D1977F5-5C72-46A3-A606-C6340DEDC4E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84F86885-C7B5-4E04-91F8-94BB5BCFE897}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{854532CF-836C-4100-9281-7A77CCB6D14A}" = lport=445 | protocol=6 | dir=in | app=system |
"{9327EE23-189C-48ED-85A3-9C9DB1E761F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1560F0C-EC8B-40DA-A9A3-05CE38A2F860}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A57B87DE-8B48-4BB4-ADE2-DFB9060F5183}" = rport=139 | protocol=6 | dir=out | app=system |
"{A76805BB-2FEE-4A4A-A234-273BF4909ABC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A91BAE25-F6C0-4A9B-B21D-BB519D7356CC}" = lport=139 | protocol=6 | dir=in | app=system |
"{B89C10B2-2B0F-4DB8-B001-70A9430BA00A}" = rport=445 | protocol=6 | dir=out | app=system |
"{C046CBCE-8B18-4C78-B6FD-932243D0E9B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB5CA2D1-9276-45AE-9A0E-4BC819D57DBB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D3BD9A0E-DB26-47DE-B578-883DF2DDE38D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9032A42-DB3B-4322-AD2C-536034D7F228}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E08B3DB6-489E-41F6-9740-D2D5299C0821}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EBA599D9-8F5A-450D-A2D0-DEF68C5EFEF6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F8149C99-94F7-460E-A259-75A99AC7AEB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015CE07C-CCB0-4E36-944A-14DE97EEC01C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{03472033-611F-4767-AE3E-DCC526E80553}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\playmovie.exe |
"{0782ED6F-9AC4-42A0-A2F7-FE8F7481306E}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{16AD594F-BF4B-424C-9079-78C0449DDCBA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{326370D1-EBF1-440A-977C-A3BDCFD77434}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3C678971-6775-441B-AD4E-AEAA456A0426}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{41E15F97-3AC3-41F3-A16C-6735EA1FA611}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{49B5C86E-AACF-45F0-B4E6-9C4E45AEE617}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4EC451FE-F92C-41D9-AAF3-C31E755399D7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4EDA282F-C97D-43AF-BF8A-0E27155E84F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{524BCCD2-5B31-4DD4-866D-BE81EFBC5F6D}" = dir=in | app=c:\windows\system32\igrssvcs.exe |
"{55DF5AE8-D02C-4A45-91EA-207374D433FA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5639874F-D477-42A2-92C8-6CB906373A96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E2B415C-BC45-440D-AC0F-BD9E60A6CA7E}" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"{65A9B5B8-B818-48C1-AD80-FDB0B2FD0C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65B99C60-96DD-4C30-A6C0-CD62646CB663}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{6648B268-6853-4028-98A5-217158849B24}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{67B5FA16-E18C-41BF-81B1-9289DBE457C8}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{712848A1-5DAD-4C3D-B716-FAC29A491BB2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{743D4E2D-94F9-4DFF-A1D3-E613508EB7C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7566229C-13DC-480A-8D0C-75612CB577FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{78E6A186-9F79-404E-9BB6-C29A93591D3E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{7CC40C5E-75C0-4BDF-9EAE-B4AD3FA1DA39}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D4F8BDE-D008-41B6-9D80-A7896F6C9CC8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7D760158-9944-4C32-AE23-88464B4594E5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8330347D-DD07-4EAA-B2E0-2B4DABD42C50}" = dir=out | app=c:\windows\system32\igrssvcs.exe |
"{86F169F7-5652-443F-88E3-B8384C5A7003}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{88B2B54B-8604-4E85-9621-38804469188E}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{8C41C7A8-8C8A-4BEC-8B3D-F05EB937F1D9}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{8C7D3D97-E73E-4C59-9576-64F659D396A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{92B01DD7-846A-4059-A5ED-B195CA7832ED}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{97AA661E-C2F1-49CF-9878-A946CF973D85}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{97FDBA51-C4FE-4463-B2A5-273B85EAA0A5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9C8E10AC-9BE6-43BB-8145-BD7A76721ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9D4FB561-4C4C-4950-B4AC-2E6CB53BA479}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ABEF77FD-802A-40C6-9305-C053D4EFD129}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE9C0479-4301-4A2C-9E57-B40927E1AB0B}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{B3B6AA24-0B74-4DB3-BFFC-D93B1D2B89A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BA917D03-7EA3-4CFC-9A1A-FFCE3EC0C322}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BAFDF678-CD36-4C9E-956E-C53285F85DEB}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{BEF600C0-8EF5-4292-993F-EB6958633647}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\pmvservice.exe |
"{C6472E23-9528-4D20-8396-4349A7C62598}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C840818B-6022-483B-84CF-6B8E27EB48D5}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{CA34795B-1985-4CB4-A848-C916DC83243C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CC60A25C-B73B-48CB-A912-99D525264568}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3175696-A7A9-462A-B5EA-970E896B5BA4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D515B09D-C7EA-45B0-8A06-891AE6B85E19}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{DC81BE8C-BE00-4A3E-A4D5-DC4ADAF608EC}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{E0A1797F-B59D-4FA9-950F-E35863FDE2AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E86F62AE-4AB1-4C15-BB7E-3E84A35D2AB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E92A6133-30B1-47AB-B264-767D30E5CBC4}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{EC8F43CE-303D-4517-93D1-C0C954FD0629}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{EE35BF52-DBD2-40F4-BE63-A658C33F2316}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{F009F8E5-0B14-43B0-9BB8-97FF822AB6B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{F23B3ABC-E5FA-467B-BC96-9A8C14EE2963}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{FA409F6A-DD32-4C27-B433-F26468324CB2}" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"{FD902B70-3F0F-4090-ABE3-56845EDDC540}" = protocol=6 | dir=out | app=system |
"TCP Query User{0CCC8848-D238-4711-8878-E2422C09AC58}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{17119520-1254-429B-8E93-FB4C2307E95C}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=6 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe |
"TCP Query User{31EA19B2-2240-4592-87BF-7701081B1873}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{32212F9C-2A40-465F-A786-41F5C38544FA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{3604CFB1-D7C8-40A2-993B-B7230BEB47F3}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe |
"TCP Query User{36212708-32F3-485E-A246-2A7F1283634A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{5C6DD1B1-2755-44DC-9807-7A9B5752B115}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{6B2BA6D8-4751-400B-82AD-D4A7B478F32B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{D41AE055-D140-4567-9956-B780FD980510}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{175BD25B-3E7C-405D-88A1-3AEAAF56CCEB}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{6C8237C5-088B-49E3-95D5-BAABA1D0245F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{79366E6A-F8B2-4436-9812-D18F6B8904C6}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{89A77771-4F8C-418C-99D9-DC0C77EDC526}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe |
"UDP Query User{A2232FFC-1341-44E2-A9DE-E37AD6997372}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{A2BAEE41-242E-4C17-B224-A308BF99E51F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{C4B0298C-C8F2-4C24-95F2-0DBADDFD0CC3}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=17 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe |
"UDP Query User{CBEF827F-644D-4C82-974F-4BF1F8EC2E0F}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D20BFE61-B8DA-421D-A143-E851B9C96060}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{793C0787-9638-9FCA-E424-D30FB5E5A752}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C0DD912A-04BB-7012-EDC7-7D550893437E}" = ccc-utility64
"{CF29845C-705E-4450-A3FF-1D4754455AB9}" = Hybrid TV
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"DF9F23E360B18E10871A49C3BC1AEDA269B8E0E2" = Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA (07/16/2009 6.14.10.373)
"DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{03AF6BF4-D234-1D9C-ED0F-568354B2A852}" = Catalyst Control Center Core Implementation
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{061034DA-ED68-4BDD-ACB9-4D0C6F90878F}" = MAGIX Music Maker 17 Trial (Soundpaket)
"{06FF834F-B3A1-8329-B228-EE357A584D70}" = CCC Help Greek
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{1226C38C-55A1-FDC4-CF37-2D5681173B34}" = CCC Help Finnish
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{19B084B8-8B95-9D62-A855-EBD890711489}" = Catalyst Control Center Graphics Light
"{1C98779A-56B1-AB70-0059-E6378B24EA66}" = CCC Help Korean
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212D3D92-9FCC-EDDA-FFE4-426FE49030C5}" = Catalyst Control Center Graphics Full New
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{307702F6-FD2C-484A-8F2E-A1DCE85FD9CC}_is1" = 2weistein
"{330EBB01-9183-F56F-F9C9-CA20DD078234}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B233580-C1A3-B02F-93FC-48AC12905962}" = Catalyst Control Center InstallProxy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F7F9151-03DF-AA1E-6E2A-5FF7887F2FC7}" = CCC Help French
"{4162E4B4-DB62-4719-9921-A59B2671C1CB}" = Nero Recode 11
"{444D37B2-074E-5691-2B45-C02798972D32}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1" = Machinarium
"{4E9DC986-7FC9-36BD-3C72-1B516F4F56C8}" = CCC Help Thai
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{575B376D-0FDB-6046-4A04-9AD21BA578E4}" = CCC Help Polish
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5885739F-97FF-4907-AC74-065515FFAFF0}" = Catalyst Control Center - Branding
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{676482CF-ACEC-2EC6-29DE-BE3EB6AD829A}" = CCC Help Italian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7388E582-8139-0498-7D38-98CE054A5553}" = CCC Help Norwegian
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7865FE7A-60F5-9909-1E82-758B2F7F214B}" = Catalyst Control Center Graphics Previews Vista
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.6.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8708B14E-C6E7-0069-2FCE-80DD0D99E8AF}" = CCC Help Turkish
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9453ED84-747C-DCB4-03D3-8D6DDB7D37AA}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}" = Nero Burning ROM 11
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AB47C549-E7D0-0093-2213-CDE2F49ED170}" = CCC Help Portuguese
"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BB7DF440-DD8D-805A-2692-B196282338B9}" = CCC Help Spanish
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C01D45AF-5BB5-085E-66BD-809952B65E29}" = CCC Help Czech
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C818D1A1-0E4E-354D-AD70-7A026585DE80}" = CCC Help Russian
"{CBE7C598-6525-54B3-7BAB-1C0FD28CB58A}" = CCC Help German
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFE383C3-6877-AD3C-14CC-F6F1EBA3468B}" = CCC Help English
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DB6F1190-E0EE-4037-2B18-3E60D2D4C68D}" = Catalyst Control Center Graphics Full Existing
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF24EF87-0BDA-D8E7-71C0-AAAE928317DF}" = CCC Help Dutch
"{DFA154FD-9089-4E90-1236-E2BD6741B256}" = CCC Help Swedish
"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater
"{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}" = MAGIX Screenshare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E52F8D95-AEB5-3B67-879C-C59DF8AF88EE}" = Google Talk Plugin
"{E89BAE75-3446-43BA-B180-7F11692A9778}" = nero.prerequisites.msi
"{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}" = Nero 11
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{ED731DBB-37A3-54A3-3288-5A8A189BBE93}" = ccc-core-static
"{EDC5A04C-27E3-F9A1-C225-E826890A4CE7}" = CCC Help Japanese
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18357C8-C4D9-718C-65F4-98227EDF00D9}" = Catalyst Control Center Localization All
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F335B24B-0159-3C5D-DCCE-0E2ECD625166}" = CCC Help Danish
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F5608FF7-17C0-440A-80C7-29C48363BD87}" = Lenovo EasyCamera
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Ad-Aware" = Ad-Aware
"adawaretb" = Ad-Aware Security Add-on
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"AllDup_is1" = AllDup 3.3.20
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ElsterFormular für Privatanwender 12.3.2.6814p" = ElsterFormular für Privatanwender
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.10.722
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Freeciv-2.3.1-gtk2" = Freeciv 2.3.1 (GTK+ client)
"GMX Upload-Manager" = GMX Upload-Manager
"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"Karlsson" = Karlsson
"Lenovo SlideNav2" = Lenovo SlideNav
"Lenovo SplitScreen" = Lenovo SplitScreen
"MAGIX Music Maker 16 Premium D" = MAGIX Music Maker 16 Premium
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"SopCast" = SopCast 3.3.2
"Unknown Horizons" = Unknown Horizons
"VLC media player" = VLC media player 1.1.7
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.09.2012 16:18:08 | Computer Name = superhirn | Source = Application Hang | ID = 1002
Description = Programm hardcopy.exe, Version 2011.7.2.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 780 Startzeit:
01cd9f486b0e9e45 Endzeit: 15 Anwendungspfad: C:\Program Files (x86)\Hardcopy\hardcopy.exe
Berichts-ID:
e5fab153-0b3b-11e2-a821-c80aa9f6e46e
Error - 01.10.2012 16:14:34 | Computer Name = superhirn | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,
Zeitstempel: 0x503723f6 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x86c Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 9d8e1df8-0c04-11e2-9212-c80aa9f6e46e
Error - 01.10.2012 16:14:37 | Computer Name = superhirn | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,
Zeitstempel: 0x503723f6 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000028 Fehleroffset: 0x0009087d ID des fehlerhaften
Prozesses: 0x86c Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\windows\SysWOW64\ntdll.dll Berichtskennung: 9f496906-0c04-11e2-9212-c80aa9f6e46e
Error - 03.10.2012 11:38:16 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 03.10.2012 20:15:40 | Computer Name = superhirn | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error - 03.10.2012 20:19:25 | Computer Name = superhirn | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Nero\Nero 11\nero recode\NeroBRServer.exe.Manifest". Die abhängige Assemblierung
"ACME,processorArchitecture="x86",type="win32",version="11.0.0.0"" konnte nicht
gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error - 03.10.2012 20:20:11 | Computer Name = superhirn | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Nero\Nero 11\nero waveeditor\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "c:\program files (x86)\Nero\Nero 11\nero waveeditor\SMC\SMC.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: SMC,processorArchitecture="x86",type="win32",version="8.1.0.0".
Definition:
SMC,processorArchitecture="x86",type="win32",version="8.0.0.0". Verwenden Sie das
Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 04.10.2012 04:07:23 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 04.10.2012 04:25:07 | Computer Name = superhirn | Source = MsiInstaller | ID = 11706
Description =
Error - 05.10.2012 04:39:58 | Computer Name = superhirn | Source = MsiInstaller | ID = 11719
Description =
[ Media Center Events ]
Error - 09.09.2012 17:12:42 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 23:12:42 - Fehler beim Herstellen der Internetverbindung. 23:12:42
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 17:12:52 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 23:12:47 - Fehler beim Herstellen der Internetverbindung. 23:12:47
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 18:12:57 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 00:12:57 - Fehler beim Herstellen der Internetverbindung. 00:12:57
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 18:13:07 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 00:13:02 - Fehler beim Herstellen der Internetverbindung. 00:13:02
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 19:13:12 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 01:13:12 - Fehler beim Herstellen der Internetverbindung. 01:13:12
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 19:13:22 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 01:13:17 - Fehler beim Herstellen der Internetverbindung. 01:13:17
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 01:35:50 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 07:35:47 - Fehler beim Herstellen der Internetverbindung. 07:35:50
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 02:21:53 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 07:36:01 - Fehler beim Herstellen der Internetverbindung. 07:36:01
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 03:21:41 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 09:21:40 - Fehler beim Herstellen der Internetverbindung. 09:21:41
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 03:21:59 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 09:21:46 - Fehler beim Herstellen der Internetverbindung. 09:21:46
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 05.10.2012 05:04:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:06:27 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:06:27 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:06:27 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:06:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:06:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:06:45 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:08:33 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:08:33 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 05.10.2012 05:08:33 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
4. Schritt Defogger - alles OK 5. Schritt aswMBR - logfile kommt hier: aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-10-05 12:31:02 ----------------------------- 12:31:02.874 OS Version: Windows x64 6.1.7601 Service Pack 1 12:31:02.874 Number of processors: 4 586 0x1E05 12:31:02.874 ComputerName: SUPERHIRN UserName: Jan 12:31:04.044 Initialize success 12:31:05.417 AVAST engine defs: 12100400 12:32:29.173 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 12:32:29.173 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3 12:32:29.189 Disk 0 MBR read successfully 12:32:29.189 Disk 0 MBR scan 12:32:29.719 Disk 0 Windows VISTA default MBR code 12:32:29.735 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048 12:32:30.312 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 563840 MB offset 411648 12:32:30.359 Disk 0 Partition - 00 0F Extended LBA 31330 MB offset 1155155968 12:32:30.374 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 1219319808 12:32:30.468 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 31329 MB offset 1155158016 12:32:30.874 Disk 0 scanning C:\windows\system32\drivers 12:32:49.219 Service scanning 12:33:18.298 Modules scanning 12:33:18.298 Disk 0 trace - called modules: 12:33:18.313 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 12:33:18.344 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80073cc060] 12:33:18.344 3 CLASSPNP.SYS[fffff88001ba543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800634e050] 12:33:18.360 Scan finished successfully 12:33:48.312 Disk 0 MBR has been saved successfully to "C:\Users\Jan\Desktop\MBR.dat" 12:33:48.328 The log file has been saved successfully to "C:\Users\Jan\Desktop\aswMBR.txt" |
|
05.10.2012, 11:40
| #7 |
| | dieses programm kann die webseite nicht anzeigen win7 home 64 bit 6. Schritt TDSSKiller hat nichts gefunden: 12:37:45.0152 2596 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 12:37:45.0355 2596 ============================================================ 12:37:45.0355 2596 Current date / time: 2012/10/05 12:37:45.0355 12:37:45.0355 2596 SystemInfo: 12:37:45.0355 2596 12:37:45.0355 2596 OS Version: 6.1.7601 ServicePack: 1.0 12:37:45.0355 2596 Product type: Workstation 12:37:45.0355 2596 ComputerName: SUPERHIRN 12:37:45.0355 2596 UserName: Jan 12:37:45.0355 2596 Windows directory: C:\windows 12:37:45.0355 2596 System windows directory: C:\windows 12:37:45.0355 2596 Running under WOW64 12:37:45.0355 2596 Processor architecture: Intel x64 12:37:45.0355 2596 Number of processors: 4 12:37:45.0355 2596 Page size: 0x1000 12:37:45.0355 2596 Boot type: Safe boot with network 12:37:45.0355 2596 ============================================================ 12:37:45.0791 2596 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:37:45.0791 2596 ============================================================ 12:37:45.0791 2596 \Device\Harddisk0\DR0: 12:37:45.0791 2596 MBR partitions: 12:37:45.0791 2596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000 12:37:45.0791 2596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x44D40000 12:37:45.0823 2596 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x44DA5000, BlocksNum 0x3D30800 12:37:45.0823 2596 ============================================================ 12:37:45.0869 2596 C: <-> \Device\Harddisk0\DR0\Partition2 12:37:45.0916 2596 D: <-> \Device\Harddisk0\DR0\Partition3 12:37:45.0916 2596 ============================================================ 12:37:45.0916 2596 Initialize success 12:37:45.0916 2596 ============================================================ 12:37:49.0957 2324 ============================================================ 12:37:49.0957 2324 Scan started 12:37:49.0957 2324 Mode: Manual; 12:37:49.0957 2324 ============================================================ 12:37:50.0206 2324 ================ Scan system memory ======================== 12:37:50.0206 2324 System memory - ok 12:37:50.0206 2324 ================ Scan services ============================= 12:37:50.0409 2324 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys 12:37:50.0409 2324 1394ohci - ok 12:37:50.0471 2324 [ 6E9C8B324980AFE454C6F7762E2B4478 ] acedrv07 C:\windows\system32\drivers\acedrv07.sys 12:37:50.0471 2324 acedrv07 - ok 12:37:50.0518 2324 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys 12:37:50.0518 2324 ACPI - ok 12:37:50.0581 2324 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys 12:37:50.0581 2324 AcpiPmi - ok 12:37:50.0627 2324 [ DC201246A14CB3B274DF59FAF539AB07 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys 12:37:50.0627 2324 ACPIVPC - ok 12:37:50.0768 2324 [ 5E1A953C6472E7BB644892A4D0DF5E72 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 12:37:50.0783 2324 AdobeFlashPlayerUpdateSvc - ok 12:37:50.0846 2324 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys 12:37:50.0846 2324 adp94xx - ok 12:37:50.0877 2324 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys 12:37:50.0877 2324 adpahci - ok 12:37:50.0908 2324 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys 12:37:50.0908 2324 adpu320 - ok 12:37:50.0939 2324 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll 12:37:50.0939 2324 AeLookupSvc - ok 12:37:51.0002 2324 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys 12:37:51.0017 2324 AFD - ok 12:37:51.0095 2324 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys 12:37:51.0095 2324 agp440 - ok 12:37:51.0142 2324 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe 12:37:51.0142 2324 ALG - ok 12:37:51.0173 2324 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys 12:37:51.0173 2324 aliide - ok 12:37:51.0220 2324 [ 957A387F09BF497002B11BA609460F4C ] AMD External Events Utility C:\windows\system32\atiesrxx.exe 12:37:51.0220 2324 AMD External Events Utility - ok 12:37:51.0267 2324 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys 12:37:51.0267 2324 amdide - ok 12:37:51.0314 2324 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys 12:37:51.0314 2324 AmdK8 - ok 12:37:51.0454 2324 [ 5A7F53E425BF675AB1B80435DA70F676 ] amdkmdag C:\windows\system32\DRIVERS\atipmdag.sys 12:37:51.0579 2324 amdkmdag - ok 12:37:51.0641 2324 [ D92AC218752B8F7F0A4296FCA417C4CF ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys 12:37:51.0641 2324 amdkmdap - ok 12:37:51.0657 2324 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys 12:37:51.0657 2324 AmdPPM - ok 12:37:51.0704 2324 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys 12:37:51.0704 2324 amdsata - ok 12:37:51.0735 2324 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys 12:37:51.0735 2324 amdsbs - ok 12:37:51.0751 2324 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys 12:37:51.0751 2324 amdxata - ok 12:37:51.0813 2324 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys 12:37:51.0813 2324 AppID - ok 12:37:51.0860 2324 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll 12:37:51.0860 2324 AppIDSvc - ok 12:37:51.0891 2324 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll 12:37:51.0891 2324 Appinfo - ok 12:37:52.0016 2324 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 12:37:52.0016 2324 Apple Mobile Device - ok 12:37:52.0047 2324 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys 12:37:52.0047 2324 arc - ok 12:37:52.0063 2324 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys 12:37:52.0063 2324 arcsas - ok 12:37:52.0109 2324 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys 12:37:52.0109 2324 aswFsBlk - ok 12:37:52.0187 2324 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys 12:37:52.0187 2324 aswMonFlt - ok 12:37:52.0234 2324 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys 12:37:52.0234 2324 aswRdr - ok 12:37:52.0265 2324 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\windows\system32\drivers\aswSnx.sys 12:37:52.0281 2324 aswSnx - ok 12:37:52.0328 2324 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\windows\system32\drivers\aswSP.sys 12:37:52.0328 2324 aswSP - ok 12:37:52.0359 2324 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\windows\system32\drivers\aswTdi.sys 12:37:52.0359 2324 aswTdi - ok 12:37:52.0406 2324 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys 12:37:52.0406 2324 AsyncMac - ok 12:37:52.0453 2324 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys 12:37:52.0453 2324 atapi - ok 12:37:52.0531 2324 [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr C:\windows\system32\DRIVERS\athrx.sys 12:37:52.0562 2324 athr - ok 12:37:52.0593 2324 [ C5B7809742AD1B792BDD075B763B13A3 ] ATIAVPCI C:\windows\system32\DRIVERS\atinavrr.sys 12:37:52.0624 2324 ATIAVPCI - ok 12:37:52.0718 2324 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll 12:37:52.0733 2324 AudioEndpointBuilder - ok 12:37:52.0749 2324 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll 12:37:52.0765 2324 AudioSrv - ok 12:37:52.0858 2324 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 12:37:52.0858 2324 avast! Antivirus - ok 12:37:52.0905 2324 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll 12:37:52.0921 2324 AxInstSV - ok 12:37:52.0967 2324 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys 12:37:52.0967 2324 b06bdrv - ok 12:37:53.0014 2324 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys 12:37:53.0014 2324 b57nd60a - ok 12:37:53.0155 2324 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 12:37:53.0155 2324 BBSvc - ok 12:37:53.0217 2324 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 12:37:53.0217 2324 BBUpdate - ok 12:37:53.0279 2324 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll 12:37:53.0279 2324 BDESVC - ok 12:37:53.0326 2324 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys 12:37:53.0326 2324 Beep - ok 12:37:53.0404 2324 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll 12:37:53.0404 2324 BFE - ok 12:37:53.0482 2324 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll 12:37:53.0498 2324 BITS - ok 12:37:53.0545 2324 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys 12:37:53.0545 2324 blbdrive - ok 12:37:53.0607 2324 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 12:37:53.0607 2324 Bonjour Service - ok 12:37:53.0669 2324 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys 12:37:53.0669 2324 bowser - ok 12:37:53.0701 2324 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys 12:37:53.0701 2324 BrFiltLo - ok 12:37:53.0716 2324 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys 12:37:53.0716 2324 BrFiltUp - ok 12:37:53.0779 2324 [ 34F786535F9245E4028C57B28248C9D8 ] Bridge0 C:\windows\system32\drivers\WDBridge.sys 12:37:53.0779 2324 Bridge0 - ok 12:37:53.0825 2324 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll 12:37:53.0825 2324 Browser - ok 12:37:53.0857 2324 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys 12:37:53.0857 2324 Brserid - ok 12:37:53.0888 2324 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys 12:37:53.0888 2324 BrSerWdm - ok 12:37:53.0903 2324 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys 12:37:53.0903 2324 BrUsbMdm - ok 12:37:53.0919 2324 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys 12:37:53.0919 2324 BrUsbSer - ok 12:37:53.0966 2324 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys 12:37:53.0966 2324 BthEnum - ok 12:37:53.0997 2324 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys 12:37:53.0997 2324 BTHMODEM - ok 12:37:54.0028 2324 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys 12:37:54.0028 2324 BthPan - ok 12:37:54.0075 2324 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys 12:37:54.0091 2324 BTHPORT - ok 12:37:54.0137 2324 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll 12:37:54.0137 2324 bthserv - ok 12:37:54.0169 2324 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys 12:37:54.0169 2324 BTHUSB - ok 12:37:54.0200 2324 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\windows\system32\drivers\btusbflt.sys 12:37:54.0200 2324 btusbflt - ok 12:37:54.0247 2324 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\windows\system32\drivers\btwaudio.sys 12:37:54.0247 2324 btwaudio - ok 12:37:54.0293 2324 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\windows\system32\drivers\btwavdt.sys 12:37:54.0293 2324 btwavdt - ok 12:37:54.0371 2324 [ A8C22ACBE494D2F92FDB4C7EDD09528C ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe 12:37:54.0387 2324 btwdins - ok 12:37:54.0418 2324 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys 12:37:54.0418 2324 btwl2cap - ok 12:37:54.0449 2324 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys 12:37:54.0449 2324 btwrchid - ok 12:37:54.0496 2324 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 12:37:54.0496 2324 cdfs - ok 12:37:54.0543 2324 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys 12:37:54.0543 2324 cdrom - ok 12:37:54.0590 2324 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll 12:37:54.0590 2324 CertPropSvc - ok 12:37:54.0637 2324 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys 12:37:54.0637 2324 circlass - ok 12:37:54.0652 2324 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys 12:37:54.0668 2324 CLFS - ok 12:37:54.0761 2324 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:37:54.0761 2324 clr_optimization_v2.0.50727_32 - ok 12:37:54.0793 2324 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 12:37:54.0793 2324 clr_optimization_v2.0.50727_64 - ok 12:37:54.0886 2324 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:37:54.0886 2324 clr_optimization_v4.0.30319_32 - ok 12:37:54.0949 2324 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 12:37:54.0949 2324 clr_optimization_v4.0.30319_64 - ok 12:37:54.0980 2324 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys 12:37:54.0980 2324 CmBatt - ok 12:37:54.0995 2324 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys 12:37:54.0995 2324 cmdide - ok 12:37:55.0042 2324 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys 12:37:55.0042 2324 CNG - ok 12:37:55.0105 2324 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys 12:37:55.0105 2324 Compbatt - ok 12:37:55.0167 2324 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys 12:37:55.0167 2324 CompositeBus - ok 12:37:55.0167 2324 COMSysApp - ok 12:37:55.0214 2324 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys 12:37:55.0214 2324 crcdisk - ok 12:37:55.0276 2324 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll 12:37:55.0276 2324 CryptSvc - ok 12:37:55.0385 2324 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 12:37:55.0385 2324 cvhsvc - ok 12:37:55.0495 2324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll 12:37:55.0495 2324 DcomLaunch - ok 12:37:55.0557 2324 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll 12:37:55.0557 2324 defragsvc - ok 12:37:55.0619 2324 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys 12:37:55.0619 2324 DfsC - ok 12:37:55.0666 2324 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll 12:37:55.0666 2324 Dhcp - ok 12:37:55.0697 2324 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys 12:37:55.0697 2324 discache - ok 12:37:55.0744 2324 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys 12:37:55.0744 2324 Disk - ok 12:37:55.0791 2324 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll 12:37:55.0791 2324 Dnscache - ok 12:37:55.0838 2324 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll 12:37:55.0838 2324 dot3svc - ok 12:37:55.0885 2324 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll 12:37:55.0885 2324 DPS - ok 12:37:55.0916 2324 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 12:37:55.0916 2324 drmkaud - ok 12:37:55.0978 2324 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 12:37:55.0994 2324 DXGKrnl - ok 12:37:56.0025 2324 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll 12:37:56.0025 2324 EapHost - ok 12:37:56.0087 2324 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys 12:37:56.0150 2324 ebdrv - ok 12:37:56.0197 2324 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe 12:37:56.0197 2324 EFS - ok 12:37:56.0275 2324 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe 12:37:56.0275 2324 ehRecvr - ok 12:37:56.0337 2324 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe 12:37:56.0337 2324 ehSched - ok 12:37:56.0368 2324 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys 12:37:56.0384 2324 elxstor - ok 12:37:56.0431 2324 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys 12:37:56.0431 2324 ErrDev - ok 12:37:56.0524 2324 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll 12:37:56.0524 2324 EventSystem - ok 12:37:56.0587 2324 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys 12:37:56.0587 2324 exfat - ok 12:37:56.0665 2324 Fabs - ok 12:37:56.0696 2324 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys 12:37:56.0696 2324 fastfat - ok 12:37:56.0743 2324 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe 12:37:56.0743 2324 Fax - ok 12:37:56.0774 2324 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys 12:37:56.0789 2324 fdc - ok 12:37:56.0805 2324 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll 12:37:56.0805 2324 fdPHost - ok 12:37:56.0805 2324 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll 12:37:56.0821 2324 FDResPub - ok 12:37:56.0836 2324 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 12:37:56.0836 2324 FileInfo - ok 12:37:56.0852 2324 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys 12:37:56.0852 2324 Filetrace - ok 12:37:56.0992 2324 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 12:37:57.0055 2324 FirebirdServerMAGIXInstance - ok 12:37:57.0101 2324 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys 12:37:57.0101 2324 flpydisk - ok 12:37:57.0179 2324 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 12:37:57.0179 2324 FltMgr - ok 12:37:57.0226 2324 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll 12:37:57.0242 2324 FontCache - ok 12:37:57.0289 2324 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:37:57.0289 2324 FontCache3.0.0.0 - ok 12:37:57.0335 2324 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys 12:37:57.0335 2324 FsDepends - ok 12:37:57.0382 2324 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys 12:37:57.0382 2324 fssfltr - ok 12:37:57.0491 2324 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 12:37:57.0538 2324 fsssvc - ok 12:37:57.0569 2324 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 12:37:57.0569 2324 Fs_Rec - ok 12:37:57.0616 2324 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 12:37:57.0616 2324 fvevol - ok 12:37:57.0647 2324 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys 12:37:57.0663 2324 gagp30kx - ok 12:37:57.0710 2324 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys 12:37:57.0710 2324 GEARAspiWDM - ok 12:37:57.0772 2324 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll 12:37:57.0772 2324 gpsvc - ok 12:37:57.0928 2324 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:37:57.0928 2324 gupdate - ok 12:37:57.0959 2324 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:37:57.0975 2324 gupdatem - ok 12:37:57.0991 2324 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys 12:37:57.0991 2324 hcw85cir - ok 12:37:58.0069 2324 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 12:37:58.0069 2324 HdAudAddService - ok 12:37:58.0131 2324 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys 12:37:58.0131 2324 HDAudBus - ok 12:37:58.0147 2324 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys 12:37:58.0147 2324 HECIx64 - ok 12:37:58.0178 2324 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys 12:37:58.0178 2324 HidBatt - ok 12:37:58.0209 2324 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys 12:37:58.0209 2324 HidBth - ok 12:37:58.0271 2324 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys 12:37:58.0271 2324 HidIr - ok 12:37:58.0303 2324 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll 12:37:58.0303 2324 hidserv - ok 12:37:58.0365 2324 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys 12:37:58.0365 2324 HidUsb - ok 12:37:58.0427 2324 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll 12:37:58.0427 2324 hkmsvc - ok 12:37:58.0474 2324 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll 12:37:58.0474 2324 HomeGroupListener - ok 12:37:58.0521 2324 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll 12:37:58.0537 2324 HomeGroupProvider - ok 12:37:58.0583 2324 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 12:37:58.0583 2324 HpSAMD - ok 12:37:58.0646 2324 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys 12:37:58.0661 2324 HTTP - ok 12:37:58.0708 2324 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 12:37:58.0708 2324 hwpolicy - ok 12:37:58.0771 2324 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys 12:37:58.0771 2324 i8042prt - ok 12:37:58.0802 2324 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys 12:37:58.0802 2324 iaStor - ok 12:37:58.0880 2324 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 12:37:58.0880 2324 IAStorDataMgrSvc - ok 12:37:58.0942 2324 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 12:37:58.0958 2324 iaStorV - ok 12:37:59.0036 2324 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 12:37:59.0051 2324 idsvc - ok 12:37:59.0176 2324 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys 12:37:59.0270 2324 igfx - ok 12:37:59.0348 2324 [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe 12:37:59.0348 2324 IGRS - ok 12:37:59.0395 2324 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys 12:37:59.0395 2324 iirsp - ok 12:37:59.0441 2324 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll 12:37:59.0457 2324 IKEEXT - ok 12:37:59.0566 2324 [ 06B774E74F7E2B8AE903A70C45A03D61 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys 12:37:59.0613 2324 IntcAzAudAddService - ok 12:37:59.0660 2324 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys 12:37:59.0660 2324 intelide - ok 12:37:59.0707 2324 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 12:37:59.0707 2324 intelppm - ok 12:37:59.0738 2324 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll 12:37:59.0738 2324 IPBusEnum - ok 12:37:59.0785 2324 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 12:37:59.0785 2324 IpFilterDriver - ok 12:37:59.0847 2324 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 12:37:59.0847 2324 iphlpsvc - ok 12:37:59.0878 2324 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 12:37:59.0894 2324 IPMIDRV - ok 12:37:59.0909 2324 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys 12:37:59.0909 2324 IPNAT - ok 12:37:59.0972 2324 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 12:37:59.0987 2324 iPod Service - ok 12:38:00.0034 2324 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys 12:38:00.0034 2324 IRENUM - ok 12:38:00.0050 2324 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys 12:38:00.0050 2324 isapnp - ok 12:38:00.0112 2324 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 12:38:00.0112 2324 iScsiPrt - ok 12:38:00.0159 2324 [ 3926C8C55A2CD2C94888BE39B4BEB629 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys 12:38:00.0159 2324 JMCR - ok 12:38:00.0175 2324 [ CEE38AB6627CB2F8A97DD7D5A8449944 ] JmUsbCcgp C:\windows\system32\DRIVERS\jmccgp.sys 12:38:00.0175 2324 JmUsbCcgp - ok 12:38:00.0221 2324 [ 6BA6296905D46C003838D1DD05F38DDD ] JmUsbVideo C:\windows\system32\Drivers\jmcam.sys 12:38:00.0221 2324 JmUsbVideo - ok 12:38:00.0237 2324 [ 4DCA10EF74CB49D6460F23A34C3593FB ] JmUsbVideo2 C:\windows\system32\Drivers\jmcam_lo.sys 12:38:00.0237 2324 JmUsbVideo2 - ok 12:38:00.0268 2324 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys 12:38:00.0268 2324 k57nd60a - ok 12:38:00.0299 2324 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys 12:38:00.0299 2324 kbdclass - ok 12:38:00.0346 2324 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys 12:38:00.0346 2324 kbdhid - ok 12:38:00.0362 2324 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe 12:38:00.0362 2324 KeyIso - ok 12:38:00.0409 2324 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 12:38:00.0409 2324 KSecDD - ok 12:38:00.0424 2324 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 12:38:00.0424 2324 KSecPkg - ok 12:38:00.0455 2324 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys 12:38:00.0455 2324 ksthunk - ok 12:38:00.0471 2324 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll 12:38:00.0487 2324 KtmRm - ok 12:38:00.0549 2324 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll 12:38:00.0549 2324 LanmanServer - ok 12:38:00.0580 2324 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll 12:38:00.0580 2324 LanmanWorkstation - ok 12:38:00.0674 2324 [ 61323B88EFE90F6B144A3611B3ED1D7D ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe 12:38:00.0689 2324 Lavasoft Ad-Aware Service - ok 12:38:00.0721 2324 [ C8B3131857931AE76798A741CC52B021 ] Lbd C:\windows\system32\DRIVERS\Lbd.sys 12:38:00.0721 2324 Lbd - ok 12:38:00.0767 2324 [ 7FCB3EC66361F157BCD5B5C33CE2AC16 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe 12:38:00.0783 2324 Lenovo ReadyComm AppSvc - ok 12:38:00.0799 2324 [ 04D9897EAAAE535C4B7DD61574F1A021 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe 12:38:00.0799 2324 Lenovo ReadyComm ConnSvc - ok 12:38:00.0830 2324 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys 12:38:00.0830 2324 LHDmgr - ok 12:38:00.0877 2324 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 12:38:00.0877 2324 lltdio - ok 12:38:00.0892 2324 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll 12:38:00.0908 2324 lltdsvc - ok 12:38:00.0923 2324 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll 12:38:00.0923 2324 lmhosts - ok 12:38:00.0986 2324 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 12:38:00.0986 2324 LMS - ok 12:38:01.0033 2324 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys 12:38:01.0033 2324 LSI_FC - ok 12:38:01.0064 2324 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys 12:38:01.0064 2324 LSI_SAS - ok 12:38:01.0079 2324 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys 12:38:01.0095 2324 LSI_SAS2 - ok 12:38:01.0095 2324 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys 12:38:01.0095 2324 LSI_SCSI - ok 12:38:01.0126 2324 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys 12:38:01.0126 2324 luafv - ok 12:38:01.0189 2324 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 12:38:01.0189 2324 Mcx2Svc - ok 12:38:01.0220 2324 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys 12:38:01.0220 2324 megasas - ok 12:38:01.0235 2324 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 12:38:01.0235 2324 MegaSR - ok 12:38:01.0313 2324 Microsoft SharePoint Workspace Audit Service - ok 12:38:01.0360 2324 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll 12:38:01.0360 2324 MMCSS - ok 12:38:01.0391 2324 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys 12:38:01.0391 2324 Modem - ok 12:38:01.0407 2324 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys 12:38:01.0423 2324 monitor - ok 12:38:01.0469 2324 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 12:38:01.0485 2324 mouclass - ok 12:38:01.0532 2324 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 12:38:01.0532 2324 mouhid - ok 12:38:01.0579 2324 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys 12:38:01.0579 2324 mountmgr - ok 12:38:01.0610 2324 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys 12:38:01.0610 2324 mpio - ok 12:38:01.0625 2324 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 12:38:01.0625 2324 mpsdrv - ok 12:38:01.0703 2324 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll 12:38:01.0719 2324 MpsSvc - ok 12:38:01.0781 2324 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 12:38:01.0781 2324 MRxDAV - ok 12:38:01.0813 2324 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 12:38:01.0813 2324 mrxsmb - ok 12:38:01.0859 2324 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 12:38:01.0859 2324 mrxsmb10 - ok 12:38:01.0906 2324 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 12:38:01.0906 2324 mrxsmb20 - ok 12:38:01.0953 2324 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys 12:38:01.0953 2324 msahci - ok 12:38:01.0969 2324 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys 12:38:01.0969 2324 msdsm - ok 12:38:02.0000 2324 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe 12:38:02.0015 2324 MSDTC - ok 12:38:02.0031 2324 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys 12:38:02.0031 2324 Msfs - ok 12:38:02.0047 2324 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 12:38:02.0047 2324 mshidkmdf - ok 12:38:02.0109 2324 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys 12:38:02.0109 2324 msisadrv - ok 12:38:02.0171 2324 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll 12:38:02.0171 2324 MSiSCSI - ok 12:38:02.0171 2324 msiserver - ok 12:38:02.0218 2324 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 12:38:02.0218 2324 MSKSSRV - ok 12:38:02.0218 2324 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 12:38:02.0218 2324 MSPCLOCK - ok 12:38:02.0218 2324 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 12:38:02.0218 2324 MSPQM - ok 12:38:02.0265 2324 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys 12:38:02.0265 2324 MsRPC - ok 12:38:02.0312 2324 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 12:38:02.0312 2324 mssmbios - ok 12:38:02.0343 2324 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 12:38:02.0343 2324 MSTEE - ok 12:38:02.0359 2324 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 12:38:02.0359 2324 MTConfig - ok 12:38:02.0374 2324 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 12:38:02.0374 2324 Mup - ok 12:38:02.0421 2324 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 12:38:02.0421 2324 napagent - ok 12:38:02.0468 2324 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 12:38:02.0483 2324 NativeWifiP - ok 12:38:02.0608 2324 [ 7F79DA9E719D0774BDBC3622ABD3AFD9 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 12:38:02.0624 2324 NAUpdate - ok 12:38:02.0686 2324 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\windows\system32\DRIVERS\NBVol.sys 12:38:02.0686 2324 NBVol - ok 12:38:02.0733 2324 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\windows\system32\DRIVERS\NBVolUp.sys 12:38:02.0733 2324 NBVolUp - ok 12:38:02.0795 2324 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys 12:38:02.0795 2324 NDIS - ok 12:38:02.0842 2324 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 12:38:02.0842 2324 NdisCap - ok 12:38:02.0873 2324 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 12:38:02.0873 2324 NdisTapi - ok 12:38:02.0920 2324 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 12:38:02.0920 2324 Ndisuio - ok 12:38:02.0951 2324 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 12:38:02.0951 2324 NdisWan - ok 12:38:02.0998 2324 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 12:38:02.0998 2324 NDProxy - ok 12:38:03.0029 2324 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 12:38:03.0029 2324 NetBIOS - ok 12:38:03.0061 2324 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 12:38:03.0076 2324 NetBT - ok 12:38:03.0092 2324 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 12:38:03.0092 2324 Netlogon - ok 12:38:03.0139 2324 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 12:38:03.0139 2324 Netman - ok 12:38:03.0154 2324 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 12:38:03.0154 2324 netprofm - ok 12:38:03.0201 2324 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:38:03.0201 2324 NetTcpPortSharing - ok 12:38:03.0341 2324 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys 12:38:03.0435 2324 netw5v64 - ok 12:38:03.0451 2324 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 12:38:03.0466 2324 nfrd960 - ok 12:38:03.0513 2324 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll 12:38:03.0513 2324 NlaSvc - ok 12:38:03.0544 2324 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 12:38:03.0544 2324 Npfs - ok 12:38:03.0575 2324 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 12:38:03.0575 2324 nsi - ok 12:38:03.0607 2324 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 12:38:03.0607 2324 nsiproxy - ok 12:38:03.0685 2324 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 12:38:03.0716 2324 Ntfs - ok 12:38:03.0747 2324 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 12:38:03.0747 2324 Null - ok 12:38:03.0794 2324 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 12:38:03.0794 2324 nvraid - ok 12:38:03.0825 2324 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 12:38:03.0825 2324 nvstor - ok 12:38:03.0872 2324 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 12:38:03.0872 2324 nv_agp - ok 12:38:03.0919 2324 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 12:38:03.0919 2324 ohci1394 - ok 12:38:03.0981 2324 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:38:03.0981 2324 ose - ok 12:38:04.0106 2324 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:38:04.0199 2324 osppsvc - ok 12:38:04.0231 2324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 12:38:04.0246 2324 p2pimsvc - ok 12:38:04.0262 2324 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 12:38:04.0262 2324 p2psvc - ok 12:38:04.0309 2324 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys 12:38:04.0309 2324 Parport - ok 12:38:04.0340 2324 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 12:38:04.0340 2324 partmgr - ok 12:38:04.0355 2324 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 12:38:04.0355 2324 PcaSvc - ok 12:38:04.0402 2324 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 12:38:04.0418 2324 pci - ok 12:38:04.0449 2324 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 12:38:04.0449 2324 pciide - ok 12:38:04.0480 2324 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 12:38:04.0480 2324 pcmcia - ok 12:38:04.0496 2324 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 12:38:04.0496 2324 pcw - ok 12:38:04.0527 2324 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 12:38:04.0527 2324 PEAUTH - ok 12:38:04.0621 2324 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 12:38:04.0621 2324 PerfHost - ok 12:38:04.0730 2324 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 12:38:04.0761 2324 pla - ok 12:38:04.0839 2324 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 12:38:04.0839 2324 PlugPlay - ok 12:38:04.0855 2324 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 12:38:04.0855 2324 PNRPAutoReg - ok 12:38:04.0886 2324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 12:38:04.0886 2324 PNRPsvc - ok 12:38:04.0933 2324 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 12:38:04.0948 2324 PolicyAgent - ok 12:38:04.0964 2324 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 12:38:04.0964 2324 Power - ok 12:38:05.0011 2324 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 12:38:05.0026 2324 PptpMiniport - ok 12:38:05.0042 2324 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys 12:38:05.0042 2324 Processor - ok 12:38:05.0104 2324 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll 12:38:05.0104 2324 ProfSvc - ok 12:38:05.0104 2324 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 12:38:05.0104 2324 ProtectedStorage - ok 12:38:05.0167 2324 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 12:38:05.0167 2324 Psched - ok 12:38:05.0167 2324 PS_MDP - ok 12:38:05.0213 2324 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 12:38:05.0245 2324 ql2300 - ok 12:38:05.0260 2324 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 12:38:05.0260 2324 ql40xx - ok 12:38:05.0276 2324 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 12:38:05.0291 2324 QWAVE - ok 12:38:05.0307 2324 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 12:38:05.0307 2324 QWAVEdrv - ok 12:38:05.0323 2324 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 12:38:05.0323 2324 RasAcd - ok 12:38:05.0354 2324 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 12:38:05.0354 2324 RasAgileVpn - ok 12:38:05.0385 2324 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 12:38:05.0385 2324 RasAuto - ok 12:38:05.0432 2324 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 12:38:05.0432 2324 Rasl2tp - ok 12:38:05.0479 2324 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 12:38:05.0494 2324 RasMan - ok 12:38:05.0510 2324 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 12:38:05.0510 2324 RasPppoe - ok 12:38:05.0557 2324 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 12:38:05.0557 2324 RasSstp - ok 12:38:05.0619 2324 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 12:38:05.0619 2324 rdbss - ok 12:38:05.0635 2324 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 12:38:05.0635 2324 rdpbus - ok 12:38:05.0650 2324 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 12:38:05.0650 2324 RDPCDD - ok 12:38:05.0681 2324 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 12:38:05.0681 2324 RDPENCDD - ok 12:38:05.0713 2324 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 12:38:05.0713 2324 RDPREFMP - ok 12:38:05.0759 2324 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 12:38:05.0759 2324 RDPWD - ok 12:38:05.0822 2324 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 12:38:05.0837 2324 rdyboost - ok 12:38:05.0853 2324 ReadyComm.DirectRouter - ok 12:38:05.0869 2324 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 12:38:05.0869 2324 RemoteAccess - ok 12:38:05.0900 2324 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 12:38:05.0915 2324 RemoteRegistry - ok 12:38:05.0978 2324 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 12:38:05.0978 2324 RFCOMM - ok 12:38:06.0025 2324 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 12:38:06.0025 2324 RpcEptMapper - ok 12:38:06.0056 2324 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 12:38:06.0056 2324 RpcLocator - ok 12:38:06.0087 2324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 12:38:06.0103 2324 RpcSs - ok 12:38:06.0134 2324 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 12:38:06.0134 2324 rspndr - ok 12:38:06.0181 2324 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys 12:38:06.0181 2324 RTHDMIAzAudService - ok 12:38:06.0196 2324 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 12:38:06.0196 2324 SamSs - ok 12:38:06.0243 2324 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 12:38:06.0243 2324 sbp2port - ok 12:38:06.0274 2324 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 12:38:06.0274 2324 SCardSvr - ok 12:38:06.0305 2324 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 12:38:06.0321 2324 scfilter - ok 12:38:06.0368 2324 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 12:38:06.0383 2324 Schedule - ok 12:38:06.0430 2324 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 12:38:06.0430 2324 SCPolicySvc - ok 12:38:06.0493 2324 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys 12:38:06.0493 2324 sdbus - ok 12:38:06.0539 2324 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 12:38:06.0555 2324 SDRSVC - ok 12:38:06.0586 2324 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 12:38:06.0586 2324 secdrv - ok 12:38:06.0633 2324 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 12:38:06.0633 2324 seclogon - ok 12:38:06.0649 2324 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 12:38:06.0649 2324 SENS - ok 12:38:06.0680 2324 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 12:38:06.0680 2324 SensrSvc - ok 12:38:06.0727 2324 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys 12:38:06.0727 2324 Serenum - ok 12:38:06.0758 2324 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys 12:38:06.0758 2324 Serial - ok 12:38:06.0773 2324 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys 12:38:06.0773 2324 sermouse - ok 12:38:06.0820 2324 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 12:38:06.0820 2324 SessionEnv - ok 12:38:06.0851 2324 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 12:38:06.0851 2324 sffdisk - ok 12:38:06.0851 2324 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 12:38:06.0851 2324 sffp_mmc - ok 12:38:06.0867 2324 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 12:38:06.0867 2324 sffp_sd - ok 12:38:06.0929 2324 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys 12:38:06.0929 2324 sfloppy - ok 12:38:06.0992 2324 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys 12:38:07.0007 2324 Sftfs - ok 12:38:07.0085 2324 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 12:38:07.0101 2324 sftlist - ok 12:38:07.0117 2324 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys 12:38:07.0117 2324 Sftplay - ok 12:38:07.0132 2324 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys 12:38:07.0132 2324 Sftredir - ok 12:38:07.0179 2324 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys 12:38:07.0179 2324 Sftvol - ok 12:38:07.0179 2324 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 12:38:07.0179 2324 sftvsa - ok 12:38:07.0226 2324 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 12:38:07.0226 2324 SharedAccess - ok 12:38:07.0273 2324 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 12:38:07.0273 2324 ShellHWDetection - ok 12:38:07.0304 2324 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys 12:38:07.0304 2324 SiSRaid2 - ok 12:38:07.0335 2324 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys 12:38:07.0335 2324 SiSRaid4 - ok 12:38:07.0429 2324 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 12:38:07.0429 2324 SkypeUpdate - ok 12:38:07.0491 2324 [ AD2FA5CB9E9EBF668786CCDAE5CFE458 ] Slidebar Notifier Service C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe 12:38:07.0507 2324 Slidebar Notifier Service - ok 12:38:07.0538 2324 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 12:38:07.0538 2324 Smb - ok 12:38:07.0569 2324 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 12:38:07.0585 2324 SNMPTRAP - ok 12:38:07.0631 2324 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 12:38:07.0631 2324 spldr - ok 12:38:07.0709 2324 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe 12:38:07.0709 2324 Spooler - ok 12:38:07.0819 2324 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 12:38:07.0881 2324 sppsvc - ok 12:38:07.0912 2324 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 12:38:07.0912 2324 sppuinotify - ok 12:38:07.0975 2324 [ B9657A0AFF28C1CB114ACC0CB93EE4BB ] sp_rsdrv2 C:\windows\system32\DRIVERS\stflt.sys 12:38:07.0975 2324 sp_rsdrv2 - ok 12:38:08.0021 2324 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 12:38:08.0021 2324 srv - ok 12:38:08.0084 2324 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 12:38:08.0084 2324 srv2 - ok 12:38:08.0099 2324 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 12:38:08.0099 2324 srvnet - ok 12:38:08.0146 2324 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 12:38:08.0146 2324 SSDPSRV - ok 12:38:08.0162 2324 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 12:38:08.0177 2324 SstpSvc - ok 12:38:08.0255 2324 [ DDD02F9CB4CB29FC1655F199B3432C3D ] ST2012_Svc C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe 12:38:08.0287 2324 ST2012_Svc - ok 12:38:08.0318 2324 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys 12:38:08.0318 2324 stexstor - ok 12:38:08.0365 2324 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 12:38:08.0380 2324 stisvc - ok 12:38:08.0427 2324 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 12:38:08.0427 2324 swenum - ok 12:38:08.0458 2324 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 12:38:08.0474 2324 swprv - ok 12:38:08.0521 2324 [ C7E556D216CC864E24FFA797B5C1DD14 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 12:38:08.0521 2324 SynTP - ok 12:38:08.0599 2324 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 12:38:08.0630 2324 SysMain - ok 12:38:08.0677 2324 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 12:38:08.0677 2324 TabletInputService - ok 12:38:08.0708 2324 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 12:38:08.0708 2324 TapiSrv - ok 12:38:08.0739 2324 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 12:38:08.0739 2324 TBS - ok 12:38:08.0817 2324 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys 12:38:08.0848 2324 Tcpip - ok 12:38:08.0926 2324 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 12:38:08.0926 2324 TCPIP6 - ok 12:38:08.0973 2324 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 12:38:08.0973 2324 tcpipreg - ok 12:38:09.0051 2324 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 12:38:09.0051 2324 TDPIPE - ok 12:38:09.0098 2324 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 12:38:09.0098 2324 TDTCP - ok 12:38:09.0145 2324 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 12:38:09.0145 2324 tdx - ok 12:38:09.0176 2324 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 12:38:09.0191 2324 TermDD - ok 12:38:09.0223 2324 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 12:38:09.0238 2324 TermService - ok 12:38:09.0269 2324 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 12:38:09.0269 2324 Themes - ok 12:38:09.0301 2324 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 12:38:09.0301 2324 THREADORDER - ok 12:38:09.0332 2324 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 12:38:09.0332 2324 TrkWks - ok 12:38:09.0394 2324 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 12:38:09.0394 2324 TrustedInstaller - ok 12:38:09.0441 2324 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 12:38:09.0441 2324 tssecsrv - ok 12:38:09.0488 2324 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 12:38:09.0488 2324 TsUsbFlt - ok 12:38:09.0581 2324 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 12:38:09.0597 2324 tunnel - ok 12:38:09.0613 2324 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys 12:38:09.0613 2324 uagp35 - ok 12:38:09.0659 2324 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 12:38:09.0659 2324 udfs - ok 12:38:09.0691 2324 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 12:38:09.0691 2324 UI0Detect - ok 12:38:09.0784 2324 [ FDB805B2749DACE784BD05125979B478 ] uigxrdr C:\windows\system32\DRIVERS\uigxrdr.sys 12:38:09.0784 2324 uigxrdr - ok 12:38:09.0784 2324 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 12:38:09.0784 2324 uliagpkx - ok 12:38:09.0847 2324 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys 12:38:09.0847 2324 umbus - ok 12:38:09.0862 2324 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys 12:38:09.0878 2324 UmPass - ok 12:38:10.0003 2324 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 12:38:10.0049 2324 UNS - ok 12:38:10.0081 2324 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 12:38:10.0096 2324 upnphost - ok 12:38:10.0143 2324 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys 12:38:10.0143 2324 USBAAPL64 - ok 12:38:10.0205 2324 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys 12:38:10.0205 2324 usbaudio - ok 12:38:10.0252 2324 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 12:38:10.0252 2324 usbccgp - ok 12:38:10.0299 2324 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 12:38:10.0299 2324 usbcir - ok 12:38:10.0361 2324 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys 12:38:10.0361 2324 usbehci - ok 12:38:10.0408 2324 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 12:38:10.0408 2324 usbhub - ok 12:38:10.0455 2324 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys 12:38:10.0455 2324 usbohci - ok 12:38:10.0486 2324 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 12:38:10.0486 2324 usbprint - ok 12:38:10.0502 2324 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 12:38:10.0502 2324 USBSTOR - ok 12:38:10.0517 2324 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 12:38:10.0517 2324 usbuhci - ok 12:38:10.0549 2324 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys 12:38:10.0564 2324 usbvideo - ok 12:38:10.0595 2324 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll 12:38:10.0595 2324 UxSms - ok 12:38:10.0611 2324 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe 12:38:10.0611 2324 VaultSvc - ok 12:38:10.0658 2324 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 12:38:10.0658 2324 vdrvroot - ok 12:38:10.0720 2324 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe 12:38:10.0720 2324 vds - ok 12:38:10.0767 2324 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys 12:38:10.0767 2324 vga - ok 12:38:10.0783 2324 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys 12:38:10.0783 2324 VgaSave - ok 12:38:10.0876 2324 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys 12:38:10.0876 2324 vhdmp - ok 12:38:10.0923 2324 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys 12:38:10.0923 2324 viaide - ok 12:38:10.0939 2324 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys 12:38:10.0939 2324 volmgr - ok 12:38:10.0985 2324 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys 12:38:10.0985 2324 volmgrx - ok 12:38:11.0001 2324 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys 12:38:11.0001 2324 volsnap - ok 12:38:11.0048 2324 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys 12:38:11.0048 2324 vsmraid - ok 12:38:11.0141 2324 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe 12:38:11.0173 2324 VSS - ok 12:38:11.0188 2324 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 12:38:11.0188 2324 vwifibus - ok 12:38:11.0219 2324 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 12:38:11.0235 2324 vwififlt - ok 12:38:11.0251 2324 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys 12:38:11.0251 2324 vwifimp - ok 12:38:11.0282 2324 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll 12:38:11.0282 2324 W32Time - ok 12:38:11.0313 2324 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys 12:38:11.0313 2324 WacomPen - ok 12:38:11.0375 2324 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 12:38:11.0375 2324 WANARP - ok 12:38:11.0407 2324 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 12:38:11.0407 2324 Wanarpv6 - ok 12:38:11.0469 2324 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe 12:38:11.0500 2324 wbengine - ok 12:38:11.0563 2324 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll 12:38:11.0563 2324 WbioSrvc - ok 12:38:11.0609 2324 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll 12:38:11.0609 2324 wcncsvc - ok 12:38:11.0656 2324 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 12:38:11.0656 2324 WcsPlugInService - ok 12:38:11.0687 2324 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys 12:38:11.0687 2324 Wd - ok 12:38:11.0703 2324 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 12:38:11.0719 2324 Wdf01000 - ok 12:38:11.0719 2324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll 12:38:11.0734 2324 WdiServiceHost - ok 12:38:11.0734 2324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll 12:38:11.0734 2324 WdiSystemHost - ok 12:38:11.0765 2324 [ 2A444ACF7DD446505BCC801F8F6AE5FD ] wdmirror C:\windows\system32\DRIVERS\WDMirror.sys 12:38:11.0765 2324 wdmirror - ok 12:38:11.0828 2324 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll 12:38:11.0828 2324 WebClient - ok 12:38:11.0859 2324 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll 12:38:11.0875 2324 Wecsvc - ok 12:38:11.0890 2324 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll 12:38:11.0890 2324 wercplsupport - ok 12:38:11.0921 2324 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll 12:38:11.0921 2324 WerSvc - ok 12:38:11.0968 2324 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 12:38:11.0968 2324 WfpLwf - ok 12:38:12.0015 2324 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys 12:38:12.0015 2324 WimFltr - ok 12:38:12.0031 2324 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys 12:38:12.0031 2324 WIMMount - ok 12:38:12.0046 2324 WinDefend - ok 12:38:12.0046 2324 WinHttpAutoProxySvc - ok 12:38:12.0124 2324 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 12:38:12.0124 2324 Winmgmt - ok 12:38:12.0202 2324 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll 12:38:12.0249 2324 WinRM - ok 12:38:12.0296 2324 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 12:38:12.0311 2324 WinUsb - ok 12:38:12.0358 2324 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll 12:38:12.0358 2324 Wlansvc - ok 12:38:12.0421 2324 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 12:38:12.0421 2324 wlcrasvc - ok 12:38:12.0514 2324 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:38:12.0561 2324 wlidsvc - ok 12:38:12.0623 2324 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 12:38:12.0623 2324 WmiAcpi - ok 12:38:12.0655 2324 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 12:38:12.0655 2324 wmiApSrv - ok 12:38:12.0686 2324 WMPNetworkSvc - ok 12:38:12.0717 2324 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll 12:38:12.0717 2324 WPCSvc - ok 12:38:12.0748 2324 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 12:38:12.0748 2324 WPDBusEnum - ok 12:38:12.0779 2324 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 12:38:12.0779 2324 ws2ifsl - ok 12:38:12.0795 2324 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll 12:38:12.0795 2324 wscsvc - ok 12:38:12.0826 2324 WSearch - ok 12:38:12.0842 2324 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys 12:38:12.0842 2324 wsvd - ok 12:38:12.0920 2324 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll 12:38:12.0951 2324 wuauserv - ok 12:38:12.0967 2324 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys 12:38:12.0967 2324 WudfPf - ok 12:38:13.0029 2324 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 12:38:13.0029 2324 WUDFRd - ok 12:38:13.0076 2324 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll 12:38:13.0076 2324 wudfsvc - ok 12:38:13.0107 2324 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll 12:38:13.0123 2324 WwanSvc - ok 12:38:13.0154 2324 [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys 12:38:13.0154 2324 xusb21 - ok 12:38:13.0279 2324 [ 74983ADDCA2D9618512C088D856D6615 ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl 12:38:13.0279 2324 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok 12:38:13.0294 2324 ================ Scan global =============================== 12:38:13.0310 2324 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll 12:38:13.0372 2324 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll 12:38:13.0372 2324 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll 12:38:13.0403 2324 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll 12:38:13.0419 2324 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe 12:38:13.0419 2324 [Global] - ok 12:38:13.0435 2324 ================ Scan MBR ================================== 12:38:13.0435 2324 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 12:38:13.0653 2324 \Device\Harddisk0\DR0 - ok 12:38:13.0653 2324 ================ Scan VBR ================================== 12:38:13.0653 2324 [ BE3837824BF4EEB3DCEAEAE5B643EFF8 ] \Device\Harddisk0\DR0\Partition1 12:38:13.0653 2324 \Device\Harddisk0\DR0\Partition1 - ok 12:38:13.0684 2324 [ 88DA574ACCB5E130753789F64863F7D5 ] \Device\Harddisk0\DR0\Partition2 12:38:13.0700 2324 \Device\Harddisk0\DR0\Partition2 - ok 12:38:13.0731 2324 [ 1035C8FAF224E2A7F8A8C418687B65F3 ] \Device\Harddisk0\DR0\Partition3 12:38:13.0731 2324 \Device\Harddisk0\DR0\Partition3 - ok 12:38:13.0731 2324 ============================================================ 12:38:13.0731 2324 Scan finished 12:38:13.0731 2324 ============================================================ 12:38:13.0747 2648 Detected object count: 0 12:38:13.0747 2648 Actual detected object count: 0 Vielen herzlichen Dank für Deine Mühen !! Ohne Dich wäre ich verloren ! |
|
05.10.2012, 14:57
| #8 | ||
| /// TB-Ausbilder | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Servus, Zitat:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
|
|
05.10.2012, 15:06
| #9 |
| | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Servus M-K-D-B ! Ich habe DEinen letzten Beitrag noch nicht ausgeführt. Ich habe einfach nur mal ausprobiert, ob mein Problem noch besteht. Und oh Wunder es ist weg! Ich schreibe gerade von dem infizierten Benuzerkonto. schon komisch, oder ? Ich traue der Sache noch nicht. Soll ich mit dem Combofix einfach wie beschrieben weitermachen? Danke für Deinen Rat ! |
|
05.10.2012, 15:11
| #10 |
| /// TB-Ausbilder | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Servus, bitte führe ComboFix wie beschrieben aus. Danach sehen wir weiter. |
|
05.10.2012, 15:55
| #11 |
| | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Combofix Logfile: Code:
ATTFilter ComboFix 12-10-04.02 - Jan 05.10.2012 16:37:56.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6077.3647 [GMT 2:00]
ausgeführt von:: c:\users\Jan_2\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Virenschutz *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\pmt_0piot.pad
c:\programdata\trz1EB8.tmp
c:\users\Jan_2\Documents\~WRL0005.tmp
c:\users\Jonas\Documents\~WRL0691.tmp
c:\users\Jonas\Documents\~WRL3161.tmp
c:\windows\s.bat
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-05 bis 2012-10-05 ))))))))))))))))))))))))))))))
.
.
2012-10-05 14:50 . 2012-10-05 14:50 -------- d-----w- c:\users\Regina\AppData\Local\temp
2012-10-05 14:50 . 2012-10-05 14:50 -------- d-----w- c:\users\Jonas\AppData\Local\temp
2012-10-05 14:50 . 2012-10-05 14:50 -------- d-----w- c:\users\Jan\AppData\Local\temp
2012-10-05 14:50 . 2012-10-05 14:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-05 14:50 . 2012-10-05 14:50 -------- d-----w- c:\users\Anna\AppData\Local\temp
2012-10-05 11:32 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C442EDBF-2DAE-45A6-941E-801251AED2FB}\mpengine.dll
2012-10-04 09:02 . 2012-10-04 09:03 -------- d-----w- c:\users\Gast
2012-10-04 08:27 . 2012-10-04 08:27 -------- d-----w- c:\users\Jan\AppData\Local\adawarebp
2012-10-04 08:25 . 2012-10-04 08:25 -------- d-----w- c:\users\Jan\AppData\Roaming\LavasoftStatistics
2012-10-04 08:24 . 2012-10-04 08:24 -------- d-----w- c:\programdata\blekko toolbars
2012-10-04 08:23 . 2012-10-04 08:24 -------- d-----w- c:\program files (x86)\adawaretb
2012-10-03 21:20 . 2012-10-03 21:20 -------- d-----w- c:\users\Jan\AppData\Roaming\Malwarebytes
2012-10-03 21:20 . 2012-10-03 21:20 -------- d-----w- c:\programdata\Malwarebytes
2012-10-03 21:20 . 2012-10-03 21:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-03 21:20 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-03 20:28 . 2012-10-03 20:28 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-10-03 20:28 . 2012-10-05 14:00 -------- d-----w- c:\programdata\Spyware Terminator
2012-10-03 20:28 . 2012-10-03 20:28 -------- d-----w- c:\users\Jan\AppData\Roaming\Spyware Terminator
2012-10-03 20:26 . 2012-10-03 20:28 -------- d-----w- c:\program files (x86)\Spyware Terminator
2012-10-03 19:37 . 2012-10-04 10:30 -------- d-----w- c:\programdata\klbufxxvvhtvhnf
2012-09-27 09:33 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-27 09:32 . 2012-09-27 09:32 -------- d-----w- c:\program files\iPod
2012-09-27 09:32 . 2012-09-27 09:33 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-27 09:32 . 2012-09-27 09:33 -------- d-----w- c:\program files\iTunes
2012-09-23 08:52 . 2012-08-24 10:14 816640 ----a-w- c:\windows\system32\jscript.dll
2012-09-23 08:52 . 2012-08-24 10:12 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-09-23 08:52 . 2012-08-24 06:52 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-09-23 08:52 . 2012-08-24 10:25 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-09-23 08:52 . 2012-08-24 10:24 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-09-23 08:52 . 2012-08-24 06:53 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-09-23 08:52 . 2012-08-24 11:15 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-09-23 08:52 . 2012-08-24 10:39 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-09-13 20:40 . 2012-09-13 20:40 9232584 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-09-13 14:49 . 2012-09-13 14:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-09-12 18:21 . 2012-09-12 18:21 -------- d-----w- c:\users\Jan_2\AppData\Roaming\GMX
2012-09-12 18:21 . 2012-09-12 18:21 -------- d-----w- c:\users\Jan_2\AppData\Local\GMX
2012-09-12 09:15 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 09:15 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 09:15 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-04 08:22 . 2011-02-27 19:15 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-04 08:22 . 2011-02-27 19:15 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-10-04 08:22 . 2011-04-09 05:25 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-09-21 10:23 . 2011-03-14 06:12 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-09-21 10:23 . 2011-03-14 06:12 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-09-14 14:54 . 2011-02-27 19:15 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-12 18:38 . 2011-03-23 17:33 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-21 11:01 . 2011-03-03 18:35 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2011-03-03 18:35 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-21 09:13 . 2011-02-26 14:39 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-02-26 14:39 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2011-02-26 14:39 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-03-16 20:06 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-02-26 14:39 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-02-26 14:39 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-02-26 14:39 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-02-26 14:39 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-02-26 14:39 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-18 18:15 . 2012-08-15 10:22 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-14 14:47 . 2012-07-14 14:47 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-07-14 14:47 . 2012-07-14 14:47 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-07-14 14:47 . 2012-07-14 14:47 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-07-14 14:47 . 2012-07-14 14:47 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-07-12 09:04 . 2012-07-08 16:29 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-12 09:04 . 2011-05-21 07:03 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-09 11:42 . 2012-07-09 11:42 4547984 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-07-09 11:42 . 2012-07-09 11:42 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2012-09-20 20:06 87448 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-09-20 87448]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-05 98304]
"MuteSync"="c:\progra~2\Lenovo\LENOVO~2\MuteSync.exe" [2009-12-28 336384]
"PlayMovie"="c:\program files (x86)\Lenovo\PlayMovie\PMVService.exe" [2010-01-21 177384]
"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-04-01 778592]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]
"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-08-08 540056]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 136176]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 136176]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-15 38152]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-03-03 69376]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 uigxrdr;uigxrdr;c:\windows\system32\DRIVERS\uigxrdr.sys [2011-11-16 199752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/08/12 13:15];c:\program files (x86)\Lenovo\PlayMovie\000.fcl [2010-01-21 18:05 146928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2012-09-23 1737728]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [2009-12-30 69568]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [2012-10-03 51496]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [2012-09-06 1148664]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-05-05 6366720]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 186880]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-03-26 160880]
S3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;c:\windows\system32\DRIVERS\jmccgp.sys [2010-02-05 17904]
S3 JmUsbVideo;JMicron 31x Upper Filter Driver;c:\windows\system32\Drivers\jmcam.sys [2010-02-05 56688]
S3 JmUsbVideo2;JMicron 31x Lower Filter Driver;c:\windows\system32\Drivers\jmcam_lo.sys [2010-02-05 31088]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-03-03 17152]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 09:04]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 17:07]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 17:07]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job
- c:\users\Jan_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job
- c:\users\Jan_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-23 10775072]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-23 2040352]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-06 2777296]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-09-06 3673808]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{F6BD6330-76F8-44D9-B775-87614E2D8374} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynBtnAsst - c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files (x86)\Lenovo\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrustedInstaller\Security]
@DACL=(02 0000)
@SACL=
"Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,
00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\
.
Zeit der Fertigstellung: 2012-10-05 16:55:15
ComboFix-quarantined-files.txt 2012-10-05 14:55
.
Vor Suchlauf: 9 Verzeichnis(se), 249.774.116.864 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 249.810.206.720 Bytes frei
.
- - End Of File - - 85D2A82D492CFB506D39EDC7C9026141
|
|
05.10.2012, 17:20
| #12 | |
| /// TB-Ausbilder | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Servus, Schritt 1 Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast: Code:
ATTFilter Lavasoft Ad-Watch Live! Virenschutz
avast! Antivirus
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast. Zitat:
Schritt 2 Hinweis für Mitleser: Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm vom folgenden Download-Spiegel neu herunter: BleepingComputer.comund speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)! Drücke die Windows + R Taste --> Notepad (hinein schreiben) --> OK Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument. Code:
ATTFilter Folder::
c:\programdata\blekko toolbars
c:\programdata\klbufxxvvhtvhnf
C:\Program Files (x86)\Ask.com
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
Wichtig:
Schritt 3 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 4 Starte bitte OTL.exe. Wähle unter Extra Registrierung: Benutze Safe List und klicke auf den Scan Button. Poste die OTL.txt und die Extras.txt hier in deinen Thread. Bitte poste mit deiner nächsten Antwort
|
|
06.10.2012, 10:21
| #13 |
| | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Servus Habe mich für Avast entschieden. Combofix Logfile: Code:
ATTFilter ComboFix 12-10-04.02 - Jan 06.10.2012 11:08:08.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6077.4075 [GMT 2:00]
ausgeführt von:: c:\users\Jan\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Jan\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\cb_a769.ico
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_a3b0.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\programdata\klbufxxvvhtvhnf
c:\programdata\klbufxxvvhtvhnf\btn-green.png
c:\programdata\klbufxxvvhtvhnf\corners-btn.png
c:\programdata\klbufxxvvhtvhnf\corners1.png
c:\programdata\klbufxxvvhtvhnf\corners2.png
c:\programdata\klbufxxvvhtvhnf\corners3.png
c:\programdata\klbufxxvvhtvhnf\corners4.png
c:\programdata\klbufxxvvhtvhnf\de-flag.png
c:\programdata\klbufxxvvhtvhnf\de-image.png
c:\programdata\klbufxxvvhtvhnf\ie6-7.css
c:\programdata\klbufxxvvhtvhnf\jquery.main.js
c:\programdata\klbufxxvvhtvhnf\McAfee.png
c:\programdata\klbufxxvvhtvhnf\pays-de.png
c:\programdata\klbufxxvvhtvhnf\steps-de.png
c:\programdata\klbufxxvvhtvhnf\steps-en.png
c:\programdata\klbufxxvvhtvhnf\style.css
c:\programdata\klbufxxvvhtvhnf\tabs.png
c:\programdata\klbufxxvvhtvhnf\wait.html
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-09-06 bis 2012-10-06 ))))))))))))))))))))))))))))))
.
.
2012-10-06 09:17 . 2012-10-06 09:17 -------- d-----w- c:\users\Regina\AppData\Local\temp
2012-10-06 09:17 . 2012-10-06 09:17 -------- d-----w- c:\users\Jonas\AppData\Local\temp
2012-10-06 09:17 . 2012-10-06 09:17 -------- d-----w- c:\users\Jan_2\AppData\Local\temp
2012-10-06 09:17 . 2012-10-06 09:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-06 09:17 . 2012-10-06 09:17 -------- d-----w- c:\users\Anna\AppData\Local\temp
2012-10-06 08:22 . 2012-10-06 08:22 105 ----a-w- C:\prefs.js
2012-10-05 14:55 . 2012-10-06 09:17 -------- d-----w- c:\users\Jan\AppData\Local\temp
2012-10-05 11:32 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C442EDBF-2DAE-45A6-941E-801251AED2FB}\mpengine.dll
2012-10-04 09:02 . 2012-10-04 09:03 -------- d-----w- c:\users\Gast
2012-10-04 08:27 . 2012-10-04 08:27 -------- d-----w- c:\users\Jan\AppData\Local\adawarebp
2012-10-04 08:25 . 2012-10-04 08:25 -------- d-----w- c:\users\Jan\AppData\Roaming\LavasoftStatistics
2012-10-03 21:20 . 2012-10-03 21:20 -------- d-----w- c:\users\Jan\AppData\Roaming\Malwarebytes
2012-10-03 21:20 . 2012-10-03 21:20 -------- d-----w- c:\programdata\Malwarebytes
2012-10-03 21:20 . 2012-10-03 21:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-03 21:20 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-03 20:28 . 2012-10-03 20:28 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-09-27 09:33 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-27 09:32 . 2012-09-27 09:32 -------- d-----w- c:\program files\iPod
2012-09-27 09:32 . 2012-09-27 09:33 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-27 09:32 . 2012-09-27 09:33 -------- d-----w- c:\program files\iTunes
2012-09-23 08:52 . 2012-08-24 10:14 816640 ----a-w- c:\windows\system32\jscript.dll
2012-09-23 08:52 . 2012-08-24 10:12 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-09-23 08:52 . 2012-08-24 06:52 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
2012-09-23 08:52 . 2012-08-24 10:25 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-09-23 08:52 . 2012-08-24 10:24 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-09-23 08:52 . 2012-08-24 06:53 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-09-23 08:52 . 2012-08-24 11:15 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-09-23 08:52 . 2012-08-24 10:39 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-09-13 20:40 . 2012-09-13 20:40 9232584 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-09-13 14:49 . 2012-09-13 14:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-09-12 18:21 . 2012-09-12 18:21 -------- d-----w- c:\users\Jan_2\AppData\Roaming\GMX
2012-09-12 18:21 . 2012-09-12 18:21 -------- d-----w- c:\users\Jan_2\AppData\Local\GMX
2012-09-12 09:15 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 09:15 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 09:15 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-04 08:22 . 2011-02-27 19:15 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-04 08:22 . 2011-02-27 19:15 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-10-04 08:22 . 2011-04-09 05:25 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-09-21 10:23 . 2011-03-14 06:12 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-09-21 10:23 . 2011-03-14 06:12 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-09-14 14:54 . 2011-02-27 19:15 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-09-12 18:38 . 2011-03-23 17:33 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-21 11:01 . 2011-03-03 18:35 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2011-03-03 18:35 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-21 09:13 . 2011-02-26 14:39 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-02-26 14:39 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2011-02-26 14:39 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-03-16 20:06 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-02-26 14:39 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-02-26 14:39 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-02-26 14:39 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-02-26 14:39 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-02-26 14:39 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-18 18:15 . 2012-08-15 10:22 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-14 14:47 . 2012-07-14 14:47 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2012-07-14 14:47 . 2012-07-14 14:47 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-07-14 14:47 . 2012-07-14 14:47 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2012-07-14 14:47 . 2012-07-14 14:47 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-07-12 09:04 . 2012-07-08 16:29 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-12 09:04 . 2011-05-21 07:03 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-09 11:42 . 2012-07-09 11:42 4547984 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-07-09 11:42 . 2012-07-09 11:42 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-05 98304]
"MuteSync"="c:\progra~2\Lenovo\LENOVO~2\MuteSync.exe" [2009-12-28 336384]
"PlayMovie"="c:\program files (x86)\Lenovo\PlayMovie\PMVService.exe" [2010-01-21 177384]
"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-04-01 778592]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]
"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 136176]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 136176]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-15 38152]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 uigxrdr;uigxrdr;c:\windows\system32\DRIVERS\uigxrdr.sys [2011-11-16 199752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/08/12 13:15];c:\program files (x86)\Lenovo\PlayMovie\000.fcl [2010-01-21 18:05 146928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [2009-12-30 69568]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-05-05 6366720]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 186880]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-03-26 160880]
S3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;c:\windows\system32\DRIVERS\jmccgp.sys [2010-02-05 17904]
S3 JmUsbVideo;JMicron 31x Upper Filter Driver;c:\windows\system32\Drivers\jmcam.sys [2010-02-05 56688]
S3 JmUsbVideo2;JMicron 31x Lower Filter Driver;c:\windows\system32\Drivers\jmcam_lo.sys [2010-02-05 31088]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 09:04]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 17:07]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-23 17:07]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job
- c:\users\Jan_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]
.
2012-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job
- c:\users\Jan_2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-28 20:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-23 10775072]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-04-23 2040352]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynBtnAsst"="c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [BU]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [BU]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{F6BD6330-76F8-44D9-B775-87614E2D8374} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files (x86)\Lenovo\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrustedInstaller\Security]
@DACL=(02 0000)
@SACL=
"Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02,
00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\
.
Zeit der Fertigstellung: 2012-10-06 11:19:48
ComboFix-quarantined-files.txt 2012-10-06 09:19
ComboFix2.txt 2012-10-06 09:02
ComboFix3.txt 2012-10-05 14:55
.
Vor Suchlauf: 13 Verzeichnis(se), 250.942.205.952 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 250.622.988.288 Bytes frei
.
- - End Of File - - 5D0F8F34B9C9B147D7CF6824E9C99E74
|
|
06.10.2012, 10:31
| #14 |
| /// TB-Ausbilder | dieses programm kann die webseite nicht anzeigen win7 home 64 bit Servus, Ok, folge bitte den Schritten 3 und 4 meiner letzten Antwort und poste die Logdateien dazu wie beschrieben. |
|
06.10.2012, 10:40
| #15 |
| | dieses programm kann die webseite nicht anzeigen win7 home 64 bit # AdwCleaner v2.003 - Datei am 10/06/2012 um 11:24:42 erstellt # Aktualisiert am 23/09/2012 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : Jan - SUPERHIRN # Bootmodus : Normal # Ausgeführt unter : C:\Users\Jan\Desktop\adwcleaner.exe # Option [Suche] **** [Dienste] **** ***** [Dateien / Ordner] ***** Ordner Gefunden : C:\Users\Anna\AppData\LocalLow\AskToolbar Ordner Gefunden : C:\Users\Gast\AppData\LocalLow\AskToolbar Ordner Gefunden : C:\Users\Jan\AppData\LocalLow\AskToolbar Ordner Gefunden : C:\Users\Jan\AppData\Roaming\OpenCandy Ordner Gefunden : C:\Users\Jan_2\AppData\LocalLow\AskToolbar Ordner Gefunden : C:\Users\Jonas\AppData\LocalLow\AskToolbar Ordner Gefunden : C:\Users\Regina\AppData\LocalLow\AskToolbar Ordner Gefunden : C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registrierungsdatenbank] ***** Schlüssel Gefunden : HKCU\Software\AppDataLow\AskToolbarInfo Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar Schlüssel Gefunden : HKCU\Software\Ask.com Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Schlüssel Gefunden : HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Die Registrierungsdatenbank ist sauber. -\\ Google Chrome v22.0.1229.79 Datei : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences Gefunden [l.41] : keyword = "blekko", Datei : C:\Users\Jan_2\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. ************************* AdwCleaner[R1].txt - [4266 octets] - [06/10/2012 11:24:42] ########## EOF - C:\AdwCleaner[R1].txt - [4326 octets] ########## OTL Logfile: Code:
ATTFilter OTL logfile created on: 06.10.2012 11:26:02 - Run 3 OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Jan\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,93 Gb Total Physical Memory | 3,97 Gb Available Physical Memory | 66,87% Memory free 11,87 Gb Paging File | 9,92 Gb Available in Paging File | 83,61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 550,62 Gb Total Space | 233,51 Gb Free Space | 42,41% Space Free | Partition Type: NTFS Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2010.02.04 00:48:12 | 000,167,008 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe PRC - [2010.01.24 12:47:46 | 001,021,888 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe PRC - [2010.01.21 20:05:08 | 000,177,384 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe PRC - [2009.12.19 04:52:48 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe PRC - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe ========== Modules (No Company Name) ========== MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2009.12.19 04:52:48 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe MOD - [2009.12.19 04:51:18 | 000,133,024 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll MOD - [2009.12.19 04:50:38 | 000,161,696 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll ========== Services (SafeList) ========== SRV:64bit: - [2010.05.05 17:25:52 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.12 11:04:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate) SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.07.22 15:26:40 | 000,690,472 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.12 18:15:24 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.12.30 08:27:00 | 000,069,568 | ---- | M] (Lenovo) [Auto | Running] -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe -- (Slidebar Notifier Service) SRV - [2009.11.20 17:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2009.11.17 17:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc) SRV - [2009.11.04 23:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009.11.04 23:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc) SRV - [2009.07.16 20:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP) SRV - [2009.07.15 07:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2009.07.15 07:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.16 19:18:56 | 000,199,752 | ---- | M] (1&1 Mail & Media GmbH) [File_System | System | Running] -- C:\Windows\SysNative\drivers\uigxrdr.SYS -- (uigxrdr) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.07.13 14:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:64bit: - [2011.07.13 14:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:64bit: - [2011.06.19 17:02:25 | 000,125,440 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\acedrv07.sys -- (acedrv07) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.05.05 18:06:04 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.05.05 16:31:58 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.05.03 13:19:40 | 000,317,488 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.03.26 09:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2010.02.05 19:20:32 | 000,056,688 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam.sys -- (JmUsbVideo) DRV:64bit: - [2010.02.05 18:51:30 | 000,031,088 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcam_lo.sys -- (JmUsbVideo2) DRV:64bit: - [2010.02.05 17:23:40 | 000,017,904 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmccgp.sys -- (JmUsbCcgp) DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2010.01.15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr) DRV:64bit: - [2010.01.15 02:51:20 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010.01.15 02:51:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010.01.15 02:51:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.12.14 10:03:50 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt) DRV:64bit: - [2009.11.20 17:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.11.06 14:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.10.19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC) DRV:64bit: - [2009.10.16 05:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.08.21 10:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2009.07.16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror) DRV:64bit: - [2009.07.16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0) DRV:64bit: - [2009.07.16 04:31:24 | 001,383,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atinavrr.sys -- (ATIAVPCI) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.04.07 08:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2008.08.06 14:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2010.01.21 20:05:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/08/12 13:15:18] [Kernel | Auto | Running] -- C:\Program Files (x86)\Lenovo\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=FCF7DA51-8231-4B97-B14E-D52AA13A310E&apn_sauid=5901B2D2-58E6-4B6B-A8A1-B9D637A0E3DD IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms} IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: blekko (Enabled) CHR - default_search_provider: search_url = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=CAC0FB192098C153A67098506D474687&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\ CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.10.06 11:17:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\..\Toolbar\WebBrowser: (no name) - {F6BD6330-76F8-44D9-B775-87614E2D8374} - No CLSID value found. O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo) O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo) O4 - HKLM..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~2\MuteSync.exe (Lenovo) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Lenovo\PlayMovie\PMVService.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKU\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://mia.bt.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/3.0.1.0/GarminAxControl.CAB (Reg Error: Unable to open value key) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06722159-FF20-46B1-A2BD-3AD4D81DC868}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FA392A3-8BFA-441B-86A4-155291E091C8}: DhcpNameServer = 60.2.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.06 11:19:50 | 000,000,000 | ---D | C] -- C:\windows\temp [2012.10.06 10:41:00 | 004,762,471 | R--- | C] (Swearware) -- C:\Users\Jan\Desktop\ComboFix.exe [2012.10.05 16:55:17 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\temp [2012.10.05 16:32:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe [2012.10.05 16:32:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2012.10.05 16:32:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2012.10.05 16:29:08 | 000,000,000 | ---D | C] -- C:\Qoobox [2012.10.05 16:28:48 | 000,000,000 | ---D | C] -- C:\windows\erdnt [2012.10.05 12:29:19 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jan\Desktop\tdsskiller.exe [2012.10.05 12:28:15 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Jan\Desktop\aswMBR.exe [2012.10.04 17:02:28 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2012.10.04 10:59:46 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\{D3BD5893-9AC7-48E4-8652-CCEBDD14425B} [2012.10.04 10:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\adawarebp [2012.10.04 10:25:27 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\LavasoftStatistics [2012.10.03 23:20:35 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes [2012.10.03 23:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.03 23:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.03 23:20:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012.10.03 23:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.03 22:28:19 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys [2012.09.27 11:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud [2012.09.27 11:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.09.27 11:33:39 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys [2012.09.27 11:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.09.27 11:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.09.23 10:53:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll [2012.09.23 10:53:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll [2012.09.23 10:53:06 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2012.09.23 10:53:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2012.09.23 10:53:06 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe [2012.09.23 10:53:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe [2012.09.23 10:53:05 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll [2012.09.23 10:53:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll [2012.09.23 10:53:04 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2012.09.23 10:53:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2012.09.23 10:53:03 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2012.09.23 10:53:03 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2012.09.23 10:53:00 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2012.09.23 10:53:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll [2012.09.23 10:52:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2012.09.13 22:40:35 | 009,232,584 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe [2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.09.13 16:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.09.12 11:15:24 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys [2012.09.12 11:15:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.06 11:21:38 | 000,513,501 | ---- | M] () -- C:\Users\Jan\Desktop\adwcleaner.exe [2012.10.06 11:17:10 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts [2012.10.06 11:13:00 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000UA.job [2012.10.06 10:59:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006UA.job [2012.10.06 10:59:00 | 000,001,068 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1006Core.job [2012.10.06 10:41:10 | 004,762,471 | R--- | M] (Swearware) -- C:\Users\Jan\Desktop\ComboFix.exe [2012.10.06 10:40:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2012.10.06 10:37:00 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.06 10:27:59 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.06 10:27:59 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.06 10:22:13 | 000,000,105 | ---- | M] () -- C:\prefs.js [2012.10.06 10:19:32 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.06 10:19:11 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat [2012.10.06 10:19:01 | 483,835,903 | -HS- | M] () -- C:\hiberfil.sys [2012.10.06 10:17:53 | 000,001,060 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2025852948-2141897182-4232829501-1000Core.job [2012.10.06 10:16:14 | 000,000,064 | ---- | M] () -- C:\windows\SysWow64\rp_stats.dat [2012.10.06 10:16:14 | 000,000,044 | ---- | M] () -- C:\windows\SysWow64\rp_rules.dat [2012.10.05 12:33:48 | 000,000,512 | ---- | M] () -- C:\Users\Jan\Desktop\MBR.dat [2012.10.05 12:29:04 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jan\Desktop\tdsskiller.exe [2012.10.05 12:27:55 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Jan\Desktop\aswMBR.exe [2012.10.04 17:02:04 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2012.10.04 17:01:03 | 000,000,000 | ---- | M] () -- C:\Users\Jan\defogger_reenable [2012.10.04 17:00:16 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Desktop\Defogger.exe [2012.10.04 10:14:44 | 000,002,478 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk [2012.10.03 23:20:17 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.03 22:28:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys [2012.10.03 21:37:44 | 000,076,359 | ---- | M] () -- C:\ProgramData\lllzwmpyjsqgsyt [2012.10.02 18:26:57 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012.10.02 18:26:57 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2012.10.02 18:26:57 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012.10.02 18:26:57 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2012.10.02 18:26:57 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012.10.01 11:41:58 | 624,797,340 | ---- | M] () -- C:\windows\MEMORY.DMP [2012.09.27 11:33:40 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.13 22:40:44 | 009,232,584 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.06 11:21:38 | 000,513,501 | ---- | C] () -- C:\Users\Jan\Desktop\adwcleaner.exe [2012.10.06 10:22:13 | 000,000,105 | ---- | C] () -- C:\prefs.js [2012.10.05 16:32:56 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe [2012.10.05 16:32:56 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe [2012.10.05 16:32:56 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe [2012.10.05 16:32:56 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe [2012.10.05 16:32:56 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe [2012.10.05 12:33:48 | 000,000,512 | ---- | C] () -- C:\Users\Jan\Desktop\MBR.dat [2012.10.05 10:46:34 | 000,050,477 | ---- | C] () -- C:\Users\Jan\Desktop\Defogger.exe [2012.10.04 17:01:03 | 000,000,000 | ---- | C] () -- C:\Users\Jan\defogger_reenable [2012.10.03 23:20:17 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.03 21:37:40 | 000,076,359 | ---- | C] () -- C:\ProgramData\lllzwmpyjsqgsyt [2012.09.27 11:33:40 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.09.23 12:13:50 | 624,797,340 | ---- | C] () -- C:\windows\MEMORY.DMP [2012.07.15 10:30:32 | 000,000,017 | ---- | C] () -- C:\Users\Jan\AppData\Local\resmon.resmoncfg [2012.07.14 16:49:10 | 000,006,631 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\.freeciv-client-rc-2.3 [2012.04.12 09:05:36 | 000,000,017 | ---- | C] () -- C:\windows\SysWow64\shortcut_ex.dat [2011.06.24 16:04:23 | 000,000,218 | ---- | C] () -- C:\Users\Jan\.recently-used.xbel [2011.06.22 18:20:24 | 000,000,200 | ---- | C] () -- C:\Users\Jan\Goya.ini [2011.06.22 18:19:59 | 000,000,046 | ---- | C] () -- C:\windows\Goya.INI [2011.06.19 11:40:22 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\AV32UID.DAT [2011.06.18 23:07:11 | 000,000,000 | ---- | C] () -- C:\windows\MusicMaker.INI [2011.06.18 21:48:08 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\acedrv07.dll [2011.06.18 21:27:56 | 000,010,240 | ---- | C] () -- C:\windows\SysWow64\vidx16.dll [2011.06.18 21:25:39 | 000,049,152 | ---- | C] () -- C:\windows\SysWow64\mgxasio2.dll [2011.06.18 21:18:50 | 000,006,537 | ---- | C] () -- C:\windows\mgxoschk.ini [2011.05.15 19:26:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.04.20 17:31:59 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat [2011.04.20 17:31:59 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat [2011.03.23 22:58:03 | 001,527,912 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI [2011.03.03 19:51:07 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini [2011.02.26 15:52:36 | 000,000,783 | ---- | C] () -- C:\ProgramData\profile.xml ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 06.10.2012 11:26:02 - Run 3
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Jan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,93 Gb Total Physical Memory | 3,97 Gb Available Physical Memory | 66,87% Memory free
11,87 Gb Paging File | 9,92 Gb Available in Paging File | 83,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 550,62 Gb Total Space | 233,51 Gb Free Space | 42,41% Space Free | Partition Type: NTFS
Drive D: | 30,59 Gb Total Space | 28,76 Gb Free Space | 93,99% Space Free | Partition Type: NTFS
Computer Name: SUPERHIRN | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06A2CD4C-191D-42EA-BA2A-081754EE1912}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B56E26A-B4B4-49DF-8D5C-195429BF46BD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{278C55FC-930C-4F9D-B6E3-E7E13B7DEEE6}" = rport=137 | protocol=17 | dir=out | app=system |
"{2E2D2420-E602-4667-AC7F-FCC1C6291925}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3129F9FD-38DD-4CDB-87AD-B4783D12875D}" = rport=138 | protocol=17 | dir=out | app=system |
"{3938C8DA-8829-48D2-9CB6-81C3D18F35AB}" = lport=137 | protocol=17 | dir=in | app=system |
"{3993FB93-D958-435F-B2A0-C35F109B4F01}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3AA82262-21BF-458E-80AE-6A8D264A9DDC}" = lport=138 | protocol=17 | dir=in | app=system |
"{4CD838BB-EE10-4885-BBF7-240D670E8242}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{590D2B42-3033-4C31-A66A-2BDE1474810A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{5C273F80-189E-43BA-AF34-0F4348F75450}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E31F651-729A-46C9-BB97-4EF6019D7394}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D1977F5-5C72-46A3-A606-C6340DEDC4E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84F86885-C7B5-4E04-91F8-94BB5BCFE897}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{854532CF-836C-4100-9281-7A77CCB6D14A}" = lport=445 | protocol=6 | dir=in | app=system |
"{9327EE23-189C-48ED-85A3-9C9DB1E761F0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1560F0C-EC8B-40DA-A9A3-05CE38A2F860}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A57B87DE-8B48-4BB4-ADE2-DFB9060F5183}" = rport=139 | protocol=6 | dir=out | app=system |
"{A76805BB-2FEE-4A4A-A234-273BF4909ABC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A91BAE25-F6C0-4A9B-B21D-BB519D7356CC}" = lport=139 | protocol=6 | dir=in | app=system |
"{B89C10B2-2B0F-4DB8-B001-70A9430BA00A}" = rport=445 | protocol=6 | dir=out | app=system |
"{C046CBCE-8B18-4C78-B6FD-932243D0E9B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB5CA2D1-9276-45AE-9A0E-4BC819D57DBB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D3BD9A0E-DB26-47DE-B578-883DF2DDE38D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9032A42-DB3B-4322-AD2C-536034D7F228}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E08B3DB6-489E-41F6-9740-D2D5299C0821}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EBA599D9-8F5A-450D-A2D0-DEF68C5EFEF6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F8149C99-94F7-460E-A259-75A99AC7AEB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015CE07C-CCB0-4E36-944A-14DE97EEC01C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{03472033-611F-4767-AE3E-DCC526E80553}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\playmovie.exe |
"{16AD594F-BF4B-424C-9079-78C0449DDCBA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{326370D1-EBF1-440A-977C-A3BDCFD77434}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3C678971-6775-441B-AD4E-AEAA456A0426}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{41E15F97-3AC3-41F3-A16C-6735EA1FA611}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{49B5C86E-AACF-45F0-B4E6-9C4E45AEE617}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4EC451FE-F92C-41D9-AAF3-C31E755399D7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4EDA282F-C97D-43AF-BF8A-0E27155E84F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{524BCCD2-5B31-4DD4-866D-BE81EFBC5F6D}" = dir=in | app=c:\windows\system32\igrssvcs.exe |
"{55DF5AE8-D02C-4A45-91EA-207374D433FA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5639874F-D477-42A2-92C8-6CB906373A96}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E2B415C-BC45-440D-AC0F-BD9E60A6CA7E}" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"{65A9B5B8-B818-48C1-AD80-FDB0B2FD0C4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65B99C60-96DD-4C30-A6C0-CD62646CB663}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{6648B268-6853-4028-98A5-217158849B24}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{712848A1-5DAD-4C3D-B716-FAC29A491BB2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{743D4E2D-94F9-4DFF-A1D3-E613508EB7C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7566229C-13DC-480A-8D0C-75612CB577FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{78E6A186-9F79-404E-9BB6-C29A93591D3E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{7CC40C5E-75C0-4BDF-9EAE-B4AD3FA1DA39}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D4F8BDE-D008-41B6-9D80-A7896F6C9CC8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7D760158-9944-4C32-AE23-88464B4594E5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8330347D-DD07-4EAA-B2E0-2B4DABD42C50}" = dir=out | app=c:\windows\system32\igrssvcs.exe |
"{86F169F7-5652-443F-88E3-B8384C5A7003}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{88B2B54B-8604-4E85-9621-38804469188E}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{8C41C7A8-8C8A-4BEC-8B3D-F05EB937F1D9}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{8C7D3D97-E73E-4C59-9576-64F659D396A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{92B01DD7-846A-4059-A5ED-B195CA7832ED}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{97AA661E-C2F1-49CF-9878-A946CF973D85}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{97FDBA51-C4FE-4463-B2A5-273B85EAA0A5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9C8E10AC-9BE6-43BB-8145-BD7A76721ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9D4FB561-4C4C-4950-B4AC-2E6CB53BA479}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ABEF77FD-802A-40C6-9305-C053D4EFD129}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE9C0479-4301-4A2C-9E57-B40927E1AB0B}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{B3B6AA24-0B74-4DB3-BFFC-D93B1D2B89A7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BA917D03-7EA3-4CFC-9A1A-FFCE3EC0C322}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BEF600C0-8EF5-4292-993F-EB6958633647}" = dir=in | app=c:\program files (x86)\lenovo\playmovie\pmvservice.exe |
"{C6472E23-9528-4D20-8396-4349A7C62598}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA34795B-1985-4CB4-A848-C916DC83243C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CC60A25C-B73B-48CB-A912-99D525264568}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D3175696-A7A9-462A-B5EA-970E896B5BA4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DC81BE8C-BE00-4A3E-A4D5-DC4ADAF608EC}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{E0A1797F-B59D-4FA9-950F-E35863FDE2AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E86F62AE-4AB1-4C15-BB7E-3E84A35D2AB2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E92A6133-30B1-47AB-B264-767D30E5CBC4}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{EC8F43CE-303D-4517-93D1-C0C954FD0629}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{F009F8E5-0B14-43B0-9BB8-97FF822AB6B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{F23B3ABC-E5FA-467B-BC96-9A8C14EE2963}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{FA409F6A-DD32-4C27-B433-F26468324CB2}" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"{FD902B70-3F0F-4090-ABE3-56845EDDC540}" = protocol=6 | dir=out | app=system |
"TCP Query User{0CCC8848-D238-4711-8878-E2422C09AC58}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{17119520-1254-429B-8E93-FB4C2307E95C}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=6 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe |
"TCP Query User{31EA19B2-2240-4592-87BF-7701081B1873}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{32212F9C-2A40-465F-A786-41F5C38544FA}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{3604CFB1-D7C8-40A2-993B-B7230BEB47F3}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe |
"TCP Query User{36212708-32F3-485E-A246-2A7F1283634A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{5C6DD1B1-2755-44DC-9807-7A9B5752B115}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{6B2BA6D8-4751-400B-82AD-D4A7B478F32B}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{D41AE055-D140-4567-9956-B780FD980510}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{175BD25B-3E7C-405D-88A1-3AEAAF56CCEB}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{6C8237C5-088B-49E3-95D5-BAABA1D0245F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{79366E6A-F8B2-4436-9812-D18F6B8904C6}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{89A77771-4F8C-418C-99D9-DC0C77EDC526}C:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\freeciv-2.3.1-gtk2\freeciv-server.exe |
"UDP Query User{A2232FFC-1341-44E2-A9DE-E37AD6997372}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{A2BAEE41-242E-4C17-B224-A308BF99E51F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{C4B0298C-C8F2-4C24-95F2-0DBADDFD0CC3}C:\users\regina\appdata\roaming\peufe\kyiv.exe" = protocol=17 | dir=in | app=c:\users\regina\appdata\roaming\peufe\kyiv.exe |
"UDP Query User{CBEF827F-644D-4C82-974F-4BF1F8EC2E0F}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D20BFE61-B8DA-421D-A143-E851B9C96060}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{793C0787-9638-9FCA-E424-D30FB5E5A752}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C0DD912A-04BB-7012-EDC7-7D550893437E}" = ccc-utility64
"{CF29845C-705E-4450-A3FF-1D4754455AB9}" = Hybrid TV
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"DF9F23E360B18E10871A49C3BC1AEDA269B8E0E2" = Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA (07/16/2009 6.14.10.373)
"DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{03AF6BF4-D234-1D9C-ED0F-568354B2A852}" = Catalyst Control Center Core Implementation
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{061034DA-ED68-4BDD-ACB9-4D0C6F90878F}" = MAGIX Music Maker 17 Trial (Soundpaket)
"{06FF834F-B3A1-8329-B228-EE357A584D70}" = CCC Help Greek
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{1226C38C-55A1-FDC4-CF37-2D5681173B34}" = CCC Help Finnish
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{19B084B8-8B95-9D62-A855-EBD890711489}" = Catalyst Control Center Graphics Light
"{1C98779A-56B1-AB70-0059-E6378B24EA66}" = CCC Help Korean
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212D3D92-9FCC-EDDA-FFE4-426FE49030C5}" = Catalyst Control Center Graphics Full New
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{28ABE740-47F3-441B-9437-852F6A64EFF8}" = Lenovo_Wireless_Driver
"{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{307702F6-FD2C-484A-8F2E-A1DCE85FD9CC}_is1" = 2weistein
"{330EBB01-9183-F56F-F9C9-CA20DD078234}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B233580-C1A3-B02F-93FC-48AC12905962}" = Catalyst Control Center InstallProxy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F7F9151-03DF-AA1E-6E2A-5FF7887F2FC7}" = CCC Help French
"{4162E4B4-DB62-4719-9921-A59B2671C1CB}" = Nero Recode 11
"{444D37B2-074E-5691-2B45-C02798972D32}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1" = Machinarium
"{4E9DC986-7FC9-36BD-3C72-1B516F4F56C8}" = CCC Help Thai
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.6
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{575B376D-0FDB-6046-4A04-9AD21BA578E4}" = CCC Help Polish
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5885739F-97FF-4907-AC74-065515FFAFF0}" = Catalyst Control Center - Branding
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{676482CF-ACEC-2EC6-29DE-BE3EB6AD829A}" = CCC Help Italian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7388E582-8139-0498-7D38-98CE054A5553}" = CCC Help Norwegian
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7865FE7A-60F5-9909-1E82-758B2F7F214B}" = Catalyst Control Center Graphics Previews Vista
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.6.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8708B14E-C6E7-0069-2FCE-80DD0D99E8AF}" = CCC Help Turkish
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9453ED84-747C-DCB4-03D3-8D6DDB7D37AA}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}" = Nero Burning ROM 11
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Play Movie
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AB47C549-E7D0-0093-2213-CDE2F49ED170}" = CCC Help Portuguese
"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BB7DF440-DD8D-805A-2692-B196282338B9}" = CCC Help Spanish
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C01D45AF-5BB5-085E-66BD-809952B65E29}" = CCC Help Czech
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C818D1A1-0E4E-354D-AD70-7A026585DE80}" = CCC Help Russian
"{CBE7C598-6525-54B3-7BAB-1C0FD28CB58A}" = CCC Help German
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFE383C3-6877-AD3C-14CC-F6F1EBA3468B}" = CCC Help English
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DB6F1190-E0EE-4037-2B18-3E60D2D4C68D}" = Catalyst Control Center Graphics Full Existing
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF24EF87-0BDA-D8E7-71C0-AAAE928317DF}" = CCC Help Dutch
"{DFA154FD-9089-4E90-1236-E2BD6741B256}" = CCC Help Swedish
"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater
"{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}" = MAGIX Screenshare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E89BAE75-3446-43BA-B180-7F11692A9778}" = nero.prerequisites.msi
"{E8D7B35C-93B1-317E-9403-2BBBA2154ABF}" = Google Talk Plugin
"{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}" = Nero 11
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{ED731DBB-37A3-54A3-3288-5A8A189BBE93}" = ccc-core-static
"{EDC5A04C-27E3-F9A1-C225-E826890A4CE7}" = CCC Help Japanese
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F18357C8-C4D9-718C-65F4-98227EDF00D9}" = Catalyst Control Center Localization All
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F335B24B-0159-3C5D-DCCE-0E2ECD625166}" = CCC Help Danish
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F5608FF7-17C0-440A-80C7-29C48363BD87}" = Lenovo EasyCamera
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"AllDup_is1" = AllDup 3.3.20
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ElsterFormular für Privatanwender 12.3.2.6814p" = ElsterFormular für Privatanwender
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.10.722
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Freeciv-2.3.1-gtk2" = Freeciv 2.3.1 (GTK+ client)
"GMX Upload-Manager" = GMX Upload-Manager
"Hardcopy(C__Program Files (x86)_Hardcopy)" = Hardcopy (C:\Program Files (x86)\Hardcopy)
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"Karlsson" = Karlsson
"Lenovo SlideNav2" = Lenovo SlideNav
"Lenovo SplitScreen" = Lenovo SplitScreen
"MAGIX Music Maker 16 Premium D" = MAGIX Music Maker 16 Premium
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"SopCast" = SopCast 3.3.2
"Unknown Horizons" = Unknown Horizons
"VLC media player" = VLC media player 1.1.7
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2025852948-2141897182-4232829501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.09.2012 16:18:08 | Computer Name = superhirn | Source = Application Hang | ID = 1002
Description = Programm hardcopy.exe, Version 2011.7.2.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 780 Startzeit:
01cd9f486b0e9e45 Endzeit: 15 Anwendungspfad: C:\Program Files (x86)\Hardcopy\hardcopy.exe
Berichts-ID:
e5fab153-0b3b-11e2-a821-c80aa9f6e46e
Error - 01.10.2012 16:14:34 | Computer Name = superhirn | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,
Zeitstempel: 0x503723f6 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0x86c Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 9d8e1df8-0c04-11e2-9212-c80aa9f6e46e
Error - 01.10.2012 16:14:37 | Computer Name = superhirn | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,
Zeitstempel: 0x503723f6 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000028 Fehleroffset: 0x0009087d ID des fehlerhaften
Prozesses: 0x86c Startzeit der fehlerhaften Anwendung: 0x01cda0114d7c30cb Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\windows\SysWOW64\ntdll.dll Berichtskennung: 9f496906-0c04-11e2-9212-c80aa9f6e46e
Error - 03.10.2012 11:38:16 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 03.10.2012 20:15:40 | Computer Name = superhirn | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error - 03.10.2012 20:19:25 | Computer Name = superhirn | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Nero\Nero 11\nero recode\NeroBRServer.exe.Manifest". Die abhängige Assemblierung
"ACME,processorArchitecture="x86",type="win32",version="11.0.0.0"" konnte nicht
gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error - 03.10.2012 20:20:11 | Computer Name = superhirn | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Nero\Nero 11\nero waveeditor\NMDllHost.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "c:\program files (x86)\Nero\Nero 11\nero waveeditor\SMC\SMC.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: SMC,processorArchitecture="x86",type="win32",version="8.1.0.0".
Definition:
SMC,processorArchitecture="x86",type="win32",version="8.0.0.0". Verwenden Sie das
Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 04.10.2012 04:07:23 | Computer Name = superhirn | Source = Lavasoft Ad-Aware Service | ID = 0
Description =
Error - 04.10.2012 04:25:07 | Computer Name = superhirn | Source = MsiInstaller | ID = 11706
Description =
Error - 05.10.2012 04:39:58 | Computer Name = superhirn | Source = MsiInstaller | ID = 11719
Description =
[ Media Center Events ]
Error - 09.09.2012 17:12:42 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 23:12:42 - Fehler beim Herstellen der Internetverbindung. 23:12:42
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 17:12:52 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 23:12:47 - Fehler beim Herstellen der Internetverbindung. 23:12:47
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 18:12:57 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 00:12:57 - Fehler beim Herstellen der Internetverbindung. 00:12:57
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 18:13:07 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 00:13:02 - Fehler beim Herstellen der Internetverbindung. 00:13:02
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 19:13:12 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 01:13:12 - Fehler beim Herstellen der Internetverbindung. 01:13:12
- Serververbindung konnte nicht hergestellt werden..
Error - 09.09.2012 19:13:22 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 01:13:17 - Fehler beim Herstellen der Internetverbindung. 01:13:17
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 01:35:50 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 07:35:47 - Fehler beim Herstellen der Internetverbindung. 07:35:50
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 02:21:53 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 07:36:01 - Fehler beim Herstellen der Internetverbindung. 07:36:01
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 03:21:41 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 09:21:40 - Fehler beim Herstellen der Internetverbindung. 09:21:41
- Serververbindung konnte nicht hergestellt werden..
Error - 04.10.2012 03:21:59 | Computer Name = superhirn | Source = MCUpdate | ID = 0
Description = 09:21:46 - Fehler beim Herstellen der Internetverbindung. 09:21:46
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 06.10.2012 04:20:12 | Computer Name = superhirn | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Application Virtualization Client" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 06.10.2012 04:20:12 | Computer Name = superhirn | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Client Virtualization Handler" ist vom Dienst "Application
Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1053
Error - 06.10.2012 04:20:46 | Computer Name = superhirn | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv07
Error - 06.10.2012 04:22:53 | Computer Name = superhirn | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 06.10.2012 04:54:35 | Computer Name = superhirn | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 06.10.2012 04:58:56 | Computer Name = superhirn | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 06.10.2012 05:13:15 | Computer Name = superhirn | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 06.10.2012 05:16:35 | Computer Name = superhirn | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 06.10.2012 05:16:35 | Computer Name = superhirn | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 06.10.2012 05:17:12 | Computer Name = superhirn | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
< End of report >
|
|
| Themen zu dieses programm kann die webseite nicht anzeigen win7 home 64 bit |
| anmelden, anti-malware, anzeige, anzeigen, avast, bildschirm, fehlermeldung, folge, folgende, funktioniert, home, konto, malwarebytes, melde, melden, nichts, problem, probleme, programm, scan, spyware, standard, webseite, win, win7 |
Textbox.
Linear-Darstellung
