Claro Search

Blaek · 06.11.2012, 17:57

Hallo liebes TB-Team!

Ich habe seit ein paar Tagen eine merkwürdige Claro-Search-Toolbar installiert und die bekomme ich nciht weg. Ich habe es auch schon mit einer Neuinstallation von Mozilla FIrefox versucht, hat aber nicht geholfen.

Hier die Logfiles von OTL:
Normal:

Code:

ATTFilter

OTL logfile created on: 06.11.2012 17:47:20 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Samy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,90 Gb Available Physical Memory | 73,43% Memory free
7,90 Gb Paging File | 6,83 Gb Available in Paging File | 86,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,99 Gb Total Space | 419,62 Gb Free Space | 93,88% Space Free | Partition Type: NTFS
 
Computer Name: ATENCIONE | User Name: Samy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.06 17:46:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Samy\Desktop\OTL.exe
PRC - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe
MOD - [2012.11.02 19:59:20 | 002,139,168 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll
MOD - [2011.03.11 18:24:32 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () [Auto | Running] -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe -- (PC Performer Manager)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.24 18:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.13 21:24:14 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.19 10:29:44 | 002,365,792 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.16 18:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\Program Files (x86)\AlienRespawn\sftservice.EXE -- (SftService)
SRV - [2012.02.09 17:09:02 | 000,014,664 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Programme\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV - [2011.03.11 18:24:34 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.02.18 10:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.01.13 00:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.12.17 20:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010.12.17 20:28:46 | 000,340,240 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.12.17 20:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.18 02:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.25 09:54:58 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.06.25 09:54:54 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.06.25 09:54:54 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.04.10 22:51:08 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 18:24:34 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.03.04 01:18:22 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.03.04 01:18:22 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.03.04 00:48:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.02.03 15:36:18 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.02.01 17:48:42 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.02.01 17:36:14 | 001,410,608 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.01.20 17:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011.01.12 23:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.12.27 15:42:12 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.12.27 03:31:46 | 000,025,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2010.12.26 20:10:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.12.01 11:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.15 12:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.08.20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010.08.17 14:17:46 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.08.17 14:17:46 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.08.17 14:17:46 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.02.27 02:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.26 21:43:42 | 000,016,752 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\EMSC.sys -- (EMSC)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006.11.01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012.09.19 09:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.06.26 21:43:42 | 000,013,680 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\SysWOW64\drivers\EMSC.sys -- (EMSC)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.alienwarearena.com/welcome-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=311012_ctrl_4412_5&babsrc=SP_clro&mntrId=de8be9b20000000000008c705a86f8d9
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Samy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.04 11:08:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.06 17:32:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension [2012.11.04 21:25:20 | 000,000,000 | ---D | M]
 
[2012.11.06 17:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samy\AppData\Roaming\mozilla\Extensions
[2012.11.06 17:34:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samy\AppData\Roaming\mozilla\Firefox\Profiles\ua35gfhx.default\extensions
[2012.11.06 17:34:35 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Samy\AppData\Roaming\mozilla\firefox\profiles\ua35gfhx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.06 17:32:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.04 21:25:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\ffxtlbr@babylon.com
[2012.11.04 11:08:28 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.04 21:25:27 | 000,006,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4 - HKLM..\Run: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Webcam Live! Central] C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Samy\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Samy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Samy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05B0F977-C58A-4B89-8E52-57F3DAAFE809}: DhcpNameServer = 212.186.211.21 195.34.133.21 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA8A5B2A-7CF9-4544-9FB6-6C7BEACD850A}: DhcpNameServer = 100.170.1.6
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\pcperf~1\24897~1.175\{61d8b~1\pcpmngr.dll) - c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll ()
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\avatarimport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\avfximport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\dslauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\iastorui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\imfrmwrk.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\panui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pcdlauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\stageremote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\webcamint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\avatarimport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\avfximport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\dslauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\iastorui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\imfrmwrk.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\panui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pcdlauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\stageremote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\webcamint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk /r \??\Y:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.06 17:46:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Samy\Desktop\OTL.exe
[2012.11.06 17:32:32 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Mozilla
[2012.11.06 17:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.06 17:31:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012.11.06 17:31:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012.11.06 14:14:13 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Facebook
[2012.11.04 21:25:23 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\PerformerSoft
[2012.11.04 21:25:22 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012.11.04 21:25:18 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Babylon
[2012.11.04 21:25:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.04 21:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012.11.04 21:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Performer Manager
[2012.11.04 21:25:03 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\PhotoScape
[2012.11.04 21:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2012.11.04 21:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2012.11.04 21:24:26 | 018,376,624 | ---- | C] (Mooii) -- C:\Users\Samy\Desktop\PhotoScape_V3.6.2.exe
[2012.11.04 11:08:09 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\WinRAR
[2012.11.04 11:08:09 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.04 11:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.04 11:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.10.31 16:59:43 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Adobe
[2012.10.29 02:04:50 | 000,000,000 | ---D | C] -- C:\Users\Samy\Documents\Sumsi
[2012.10.27 22:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.16 20:25:48 | 000,000,000 | ---D | C] -- C:\Users\Samy\Documents\Schule
[2012.10.14 16:48:29 | 000,000,000 | ---D | C] -- C:\Windows\AutoRearm
[2012.10.14 16:48:07 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2012.10.14 16:33:27 | 000,000,000 | ---D | C] -- C:\Users\Samy\Desktop\Tuning!!
[2012.10.14 16:32:38 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.10.14 16:32:37 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.10.14 16:32:37 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.10.14 16:32:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.10.14 16:32:31 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\TuneUp Software
[2012.10.14 16:32:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2012.10.14 16:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.10.14 16:32:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.10.14 16:32:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.10.14 16:27:14 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Diagnostics
[2012.10.14 15:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.10.14 15:40:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.10.14 15:40:24 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.10.14 15:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.10.14 15:38:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012.10.14 15:38:13 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Microsoft Help
[2012.10.14 15:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.10.14 15:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.10.14 15:37:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.10.14 09:56:28 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Mozilla
[2012.10.14 09:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.10.14 09:48:09 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Macromedia
[2012.10.14 09:45:13 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Google
[2012.10.14 09:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.10.14 09:45:11 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.10.14 09:45:11 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.10.14 09:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.10.14 09:45:09 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.10.14 09:45:08 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.10.14 09:45:08 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.10.14 09:45:05 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.10.14 09:45:05 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.10.14 09:44:33 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.14 09:44:32 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.10.14 09:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.10.14 09:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.10.14 09:39:35 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Adobe
[2012.10.13 21:13:18 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.13 21:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.10.13 21:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.10.13 21:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.10.13 21:12:23 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\DVDVideoSoft
[2012.10.13 21:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012.10.13 20:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012.10.13 20:48:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2012.10.13 20:45:22 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Apple Computer
[2012.10.13 20:45:22 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Apple Computer
[2012.10.13 20:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.10.13 20:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.10.13 20:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.10.13 20:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.10.13 20:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.10.13 20:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.10.13 20:44:48 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Apple
[2012.10.13 20:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.10.13 20:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.10.13 20:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.10.13 20:44:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.10.13 20:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.10.13 20:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.10.13 20:38:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.10.13 20:38:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.10.13 20:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.10.13 20:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.10.13 20:28:14 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Macromedia
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.06 17:46:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Samy\Desktop\OTL.exe
[2012.11.06 17:45:50 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.06 17:45:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.06 17:45:27 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.06 17:44:42 | 000,000,000 | ---- | M] () -- C:\Users\Samy\defogger_reenable
[2012.11.06 17:38:29 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.06 17:38:29 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.06 17:35:35 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.06 17:35:35 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.06 17:35:35 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.06 17:35:35 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.06 17:35:35 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.06 17:32:25 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.06 17:31:07 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2860004905-1908891862-404860254-1001UA.job
[2012.11.06 17:31:07 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2860004905-1908891862-404860254-1001Core.job
[2012.11.06 17:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.06 16:57:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.06 13:53:36 | 000,000,536 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.11.06 13:53:36 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.11.04 21:28:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.11.04 21:24:57 | 000,001,033 | ---- | M] () -- C:\Users\Samy\Desktop\PhotoScape.lnk
[2012.11.04 21:24:40 | 018,376,624 | ---- | M] (Mooii) -- C:\Users\Samy\Desktop\PhotoScape_V3.6.2.exe
[2012.11.04 11:08:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.10.30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.10.30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.10.27 12:57:12 | 028,801,209 | ---- | M] () -- C:\Users\Samy\Documents\Dirty Dancing - Time of my Life (Final Dance) - High Quality.flv
[2012.10.27 12:30:31 | 025,928,950 | ---- | M] () -- C:\Users\Samy\Documents\Grease- You're the one that I want [HQ+lyrics].flv
[2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.10.14 18:41:04 | 000,416,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.14 15:34:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.10.14 09:45:11 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.10.13 21:13:16 | 000,001,400 | ---- | M] () -- C:\Users\Samy\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.13 21:09:44 | 038,749,336 | ---- | M] () -- C:\Users\Samy\Documents\One Day [Asaf Avidan] - Wankelmut[1].mp4
[2012.10.13 20:48:53 | 000,001,291 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.10.13 20:45:19 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.13 20:33:46 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.10.13 20:16:17 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== Files Created - No Company Name ==========
 
[2012.11.06 17:44:42 | 000,000,000 | ---- | C] () -- C:\Users\Samy\defogger_reenable
[2012.11.06 17:32:25 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.06 17:32:24 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.06 14:14:19 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2860004905-1908891862-404860254-1001UA.job
[2012.11.06 14:14:19 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2860004905-1908891862-404860254-1001Core.job
[2012.11.04 21:28:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.11.04 21:24:57 | 000,001,033 | ---- | C] () -- C:\Users\Samy\Desktop\PhotoScape.lnk
[2012.10.27 12:54:07 | 028,801,209 | ---- | C] () -- C:\Users\Samy\Documents\Dirty Dancing - Time of my Life (Final Dance) - High Quality.flv
[2012.10.27 12:27:41 | 025,928,950 | ---- | C] () -- C:\Users\Samy\Documents\Grease- You're the one that I want [HQ+lyrics].flv
[2012.10.14 16:32:36 | 000,002,203 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.10.14 15:34:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.10.14 09:45:18 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.14 09:45:17 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.14 09:45:11 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.10.14 09:45:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.10.13 21:13:16 | 000,001,400 | ---- | C] () -- C:\Users\Samy\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.13 21:09:10 | 038,749,336 | ---- | C] () -- C:\Users\Samy\Documents\One Day [Asaf Avidan] - Wankelmut[1].mp4
[2012.10.13 20:48:53 | 000,001,291 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.10.13 20:45:19 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.13 20:44:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.10.13 20:33:46 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.10.13 20:33:46 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.06.25 09:49:47 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.06.25 09:49:46 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.06.25 09:49:45 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.06.25 09:49:43 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.06.25 09:49:42 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.06.25 09:47:34 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012.02.09 17:19:02 | 000,021,320 | ---- | C] () -- C:\Windows\SysWow64\LightFX.dll
[2011.06.27 14:07:14 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2011.02.11 11:22:50 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.04 21:25:18 | 000,000,000 | ---D | M] -- C:\Users\Samy\AppData\Roaming\Babylon
[2012.10.13 21:13:24 | 000,000,000 | ---D | M] -- C:\Users\Samy\AppData\Roaming\DVDVideoSoft
[2012.10.13 21:13:18 | 000,000,000 | ---D | M] -- C:\Users\Samy\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.11.06 17:16:45 | 000,000,000 | ---D | M] -- C:\Users\Samy\AppData\Roaming\PerformerSoft
[2012.11.04 21:36:38 | 000,000,000 | ---D | M] -- C:\Users\Samy\AppData\Roaming\PhotoScape
[2012.10.14 16:32:31 | 000,000,000 | ---D | M] -- C:\Users\Samy\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >

Extras:

Code:

ATTFilter

OTL Extras logfile created on: 06.11.2012 17:47:20 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Samy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,90 Gb Available Physical Memory | 73,43% Memory free
7,90 Gb Paging File | 6,83 Gb Available in Paging File | 86,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,99 Gb Total Space | 419,62 Gb Free Space | 93,88% Space Free | Partition Type: NTFS
 
Computer Name: ATENCIONE | User Name: Samy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{38E41624-BFD2-4E3A-A2AF-660CFF34755C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005EB789-B6A1-4DE4-BE2F-7D5A5216C502}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{061E980C-F977-4E9D-B2E7-CB7947D703A9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{0F628ACD-2820-4A62-9E8F-CE88CC70C809}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{12D8E5E0-8B09-4DD3-BAC7-3D51A105B438}" = dir=in | app=c:\users\samy\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{2C463E6B-B7CB-4E3E-93FB-81554C2285C9}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe | 
"{43FBE201-E4F7-469C-940A-A55E34C6E3B6}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{504F06BA-5204-4D41-9682-C3D729CC8856}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{5296031A-397C-45D4-AC36-5D44C8057739}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{6B221809-65D9-4103-8CFD-CE9DB608515D}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{6E271075-192D-4E17-A796-5C1666231723}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{776021CB-B7BF-4FFC-87B6-0676DC667E36}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{7E77D1AE-4D93-42C4-B505-166F6FEEFE65}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{87E5C973-AAC4-4814-800E-AB2B2F1FCEB2}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{9C883636-1501-45B2-8152-5B375873EA6E}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{ADD3F2A8-BC87-437D-A9E7-C3A80BA2DF42}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{C38EEB2A-09E9-45D0-A1E0-FDEE6717919E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CDCA5368-F949-4767-8901-D06C5244361E}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{D5A8DF18-DF69-45B9-A6F0-DD06ABE85FD6}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{E36777D2-7974-4898-9877-617096DF522E}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{FA88E7B2-B1B5-46BA-8167-AAEE4611E4AC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FCB42ED9-FD1C-4383-9AB8-0FB587A28FEF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"TCP Query User{FFB454FF-7FE0-45C3-9198-12EB99CDCC22}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{75F7EB65-84E9-4849-876E-723269B021BE}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = AlienAutopsy
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88015100-B341-471F-8188-5900D11D3F3C}" = Alienware M11x Manual
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 267.21
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CD4B350A-9328-4C1F-91D3-255EF2DA58FA}" = Alienware Command Center
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AlienAutopsy" = AlienAutopsy
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D69462F-99CC-4F8D-942E-666E21CE59F8}" = Alienware On-Screen Display
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = AlienRespawn
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = AlienRespawn - Support Software
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"avast" = avast! Free Antivirus
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.33.1005
"InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}" = Alienware On-Screen Display
"InstallShield_{88015100-B341-471F-8188-5900D11D3F3C}" = Alienware M11x Manual
"InstallShield_{CD4B350A-9328-4C1F-91D3-255EF2DA58FA}" = Alienware Command Center
"Integrated Webcam Live! Central" = Integrated Webcam Live! Central
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Professional 2010
"PhotoScape" = PhotoScape
"TuneUp Utilities 2013" = TuneUp Utilities 2013
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.10.2012 13:38:20 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.10.2012 04:17:30 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.10.2012 06:02:38 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.10.2012 06:05:09 | Computer Name = atencione | Source = System Restore | ID = 8193
Description = 
 
Error - 27.10.2012 06:06:20 | Computer Name = atencione | Source = Microsoft-Windows-LoadPerf | ID = 3013
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID 
"009" definiert wurden, können nicht aktualisiert werden. Das erste DWORD im Datenbereich
 enthält den Fehlercode.
 
Error - 27.10.2012 06:06:20 | Computer Name = atencione | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 27.10.2012 07:03:20 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.10.2012 12:05:31 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.10.2012 17:16:15 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.10.2012 06:16:56 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 14.10.2012 04:59:24 | Computer Name = atencione | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 14.10.2012 10:34:15 | Computer Name = atencione | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 14.10.2012 10:34:16 | Computer Name = atencione | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 14.10.2012 10:34:17 | Computer Name = atencione | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 14.10.2012 13:40:40 | Computer Name = atencione | Source = Application Popup | ID = 877
Description = Fehler [DATABASE OPEN FAILED] beim Verarbeiten der Treiberdatenbank.
 
 
< End of report >

Bitte um Hilfe

Mfg,
Blaek

cosinus · 07.11.2012, 14:27

Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Schon irgendwelche Scans gemacht? Wenn ja bitte beachten => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Blaek · 08.11.2012, 17:17

Hallo Cosinus,

Habe alles durchgelesen und gemacht

Mfg,
Blaek

cosinus · 08.11.2012, 19:01

Alles hast du offensichtlich nicht durchgelesen

Zumindest hast du dich nicht zu meiner Frage ganz unten geäußert.

Blaek · 08.11.2012, 19:23

Zitat:

Alles hast du offensichtlich nicht durchgelesen

Ups, wohl überlesen

Nein, habe noch keine anderen Logfiles

cosinus · 08.11.2012, 20:35

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Blaek · 09.11.2012, 18:28

ASWMBR Stürzt mit der Fehlermeldung ASWMBR Funktioniert nicht mehr ab.

TDSS-Killer

Code:

ATTFilter

18:26:30.0144 1640  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:26:30.0237 1640  ============================================================
18:26:30.0237 1640  Current date / time: 2012/11/09 18:26:30.0237
18:26:30.0237 1640  SystemInfo:
18:26:30.0237 1640  
18:26:30.0237 1640  OS Version: 6.1.7601 ServicePack: 1.0
18:26:30.0237 1640  Product type: Workstation
18:26:30.0237 1640  ComputerName: ATENCIONE
18:26:30.0237 1640  UserName: Samy
18:26:30.0237 1640  Windows directory: C:\Windows
18:26:30.0237 1640  System windows directory: C:\Windows
18:26:30.0237 1640  Running under WOW64
18:26:30.0237 1640  Processor architecture: Intel x64
18:26:30.0237 1640  Number of processors: 4
18:26:30.0237 1640  Page size: 0x1000
18:26:30.0237 1640  Boot type: Normal boot
18:26:30.0237 1640  ============================================================
18:26:30.0627 1640  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:26:30.0627 1640  ============================================================
18:26:30.0627 1640  \Device\Harddisk0\DR0:
18:26:30.0627 1640  MBR partitions:
18:26:30.0627 1640  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x2577000
18:26:30.0627 1640  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258B000, BlocksNum 0x37DFA800
18:26:30.0627 1640  ============================================================
18:26:30.0658 1640  C: <-> \Device\Harddisk0\DR0\Partition2
18:26:30.0658 1640  ============================================================
18:26:30.0658 1640  Initialize success
18:26:30.0658 1640  ============================================================
18:26:38.0583 3448  ============================================================
18:26:38.0583 3448  Scan started
18:26:38.0583 3448  Mode: Manual; SigCheck; TDLFS; 
18:26:38.0583 3448  ============================================================
18:26:38.0942 3448  ================ Scan system memory ========================
18:26:38.0942 3448  System memory - ok
18:26:38.0958 3448  ================ Scan services =============================
18:26:39.0254 3448  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
18:26:39.0348 3448  1394ohci - ok
18:26:39.0441 3448  [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler         C:\Windows\system32\DRIVERS\Accelern.sys
18:26:39.0472 3448  Acceler - ok
18:26:39.0504 3448  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:26:39.0519 3448  ACPI - ok
18:26:39.0550 3448  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:26:39.0582 3448  AcpiPmi - ok
18:26:39.0660 3448  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:26:39.0691 3448  AdobeARMservice - ok
18:26:39.0784 3448  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:26:39.0800 3448  AdobeFlashPlayerUpdateSvc - ok
18:26:39.0847 3448  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:26:39.0862 3448  adp94xx - ok
18:26:39.0894 3448  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:26:39.0909 3448  adpahci - ok
18:26:39.0909 3448  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:26:39.0925 3448  adpu320 - ok
18:26:39.0940 3448  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:26:39.0987 3448  AeLookupSvc - ok
18:26:40.0065 3448  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
18:26:40.0081 3448  AERTFilters - ok
18:26:40.0128 3448  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:26:40.0159 3448  AFD - ok
18:26:40.0190 3448  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:26:40.0190 3448  agp440 - ok
18:26:40.0221 3448  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:26:40.0252 3448  ALG - ok
18:26:40.0299 3448  [ C9E3D784EA59842541860CB2CBE45364 ] AlienFusionService C:\Program Files\Alienware\Command Center\AlienFusionService.exe
18:26:40.0315 3448  AlienFusionService - ok
18:26:40.0330 3448  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:26:40.0346 3448  aliide - ok
18:26:40.0362 3448  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:26:40.0362 3448  amdide - ok
18:26:40.0377 3448  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:26:40.0393 3448  AmdK8 - ok
18:26:40.0393 3448  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:26:40.0424 3448  AmdPPM - ok
18:26:40.0455 3448  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:26:40.0455 3448  amdsata - ok
18:26:40.0471 3448  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:26:40.0486 3448  amdsbs - ok
18:26:40.0502 3448  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:26:40.0518 3448  amdxata - ok
18:26:40.0518 3448  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:26:40.0564 3448  AppID - ok
18:26:40.0580 3448  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:26:40.0627 3448  AppIDSvc - ok
18:26:40.0642 3448  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
18:26:40.0705 3448  Appinfo - ok
18:26:40.0752 3448  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:26:40.0767 3448  Apple Mobile Device - ok
18:26:40.0798 3448  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
18:26:40.0814 3448  arc - ok
18:26:40.0830 3448  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:26:40.0830 3448  arcsas - ok
18:26:40.0923 3448  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:26:40.0939 3448  aspnet_state - ok
18:26:40.0986 3448  [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
18:26:40.0986 3448  aswFsBlk - ok
18:26:41.0001 3448  [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:26:41.0017 3448  aswMonFlt - ok
18:26:41.0032 3448  [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
18:26:41.0032 3448  aswRdr - ok
18:26:41.0064 3448  [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:26:41.0079 3448  aswSnx - ok
18:26:41.0095 3448  [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:26:41.0110 3448  aswSP - ok
18:26:41.0110 3448  [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
18:26:41.0126 3448  aswTdi - ok
18:26:41.0142 3448  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:26:41.0188 3448  AsyncMac - ok
18:26:41.0204 3448  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:26:41.0220 3448  atapi - ok
18:26:41.0251 3448  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:26:41.0313 3448  AudioEndpointBuilder - ok
18:26:41.0329 3448  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:26:41.0360 3448  AudioSrv - ok
18:26:41.0407 3448  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:26:41.0422 3448  avast! Antivirus - ok
18:26:41.0454 3448  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:26:41.0485 3448  AxInstSV - ok
18:26:41.0532 3448  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:26:41.0547 3448  b06bdrv - ok
18:26:41.0578 3448  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:26:41.0610 3448  b57nd60a - ok
18:26:41.0656 3448  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:26:41.0672 3448  BDESVC - ok
18:26:41.0688 3448  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:26:41.0734 3448  Beep - ok
18:26:41.0766 3448  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:26:41.0812 3448  BFE - ok
18:26:41.0828 3448  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:26:41.0906 3448  BITS - ok
18:26:41.0922 3448  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:26:41.0953 3448  blbdrive - ok
18:26:42.0000 3448  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:26:42.0015 3448  Bonjour Service - ok
18:26:42.0046 3448  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:26:42.0078 3448  bowser - ok
18:26:42.0093 3448  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:26:42.0124 3448  BrFiltLo - ok
18:26:42.0124 3448  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:26:42.0140 3448  BrFiltUp - ok
18:26:42.0171 3448  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:26:42.0187 3448  Browser - ok
18:26:42.0202 3448  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:26:42.0218 3448  Brserid - ok
18:26:42.0249 3448  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:26:42.0280 3448  BrSerWdm - ok
18:26:42.0280 3448  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:26:42.0312 3448  BrUsbMdm - ok
18:26:42.0312 3448  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:26:42.0327 3448  BrUsbSer - ok
18:26:42.0358 3448  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
18:26:42.0390 3448  BthEnum - ok
18:26:42.0405 3448  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:26:42.0436 3448  BTHMODEM - ok
18:26:42.0452 3448  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:26:42.0468 3448  BthPan - ok
18:26:42.0514 3448  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:26:42.0561 3448  BTHPORT - ok
18:26:42.0577 3448  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:26:42.0624 3448  bthserv - ok
18:26:42.0639 3448  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:26:42.0655 3448  BTHUSB - ok
18:26:42.0686 3448  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
18:26:42.0702 3448  btwampfl - ok
18:26:42.0717 3448  [ D895DC213EDBDA5FCC53AAD1F1E0E63B ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
18:26:42.0717 3448  btwavdt - ok
18:26:42.0748 3448  [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid        C:\Windows\system32\drivers\btwrchid.sys
18:26:42.0748 3448  btwrchid - ok
18:26:42.0764 3448  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:26:42.0811 3448  cdfs - ok
18:26:42.0826 3448  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:26:42.0858 3448  cdrom - ok
18:26:42.0889 3448  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:26:42.0936 3448  CertPropSvc - ok
18:26:42.0967 3448  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
18:26:42.0982 3448  circlass - ok
18:26:42.0998 3448  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:26:43.0014 3448  CLFS - ok
18:26:43.0060 3448  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:26:43.0076 3448  clr_optimization_v2.0.50727_32 - ok
18:26:43.0107 3448  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:26:43.0123 3448  clr_optimization_v2.0.50727_64 - ok
18:26:43.0185 3448  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:26:43.0201 3448  clr_optimization_v4.0.30319_32 - ok
18:26:43.0216 3448  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:26:43.0232 3448  clr_optimization_v4.0.30319_64 - ok
18:26:43.0263 3448  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:26:43.0279 3448  CmBatt - ok
18:26:43.0294 3448  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:26:43.0294 3448  cmdide - ok
18:26:43.0357 3448  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
18:26:43.0404 3448  CNG - ok
18:26:43.0419 3448  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:26:43.0450 3448  Compbatt - ok
18:26:43.0466 3448  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:26:43.0497 3448  CompositeBus - ok
18:26:43.0497 3448  COMSysApp - ok
18:26:43.0528 3448  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:26:43.0528 3448  crcdisk - ok
18:26:43.0575 3448  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:26:43.0606 3448  CryptSvc - ok
18:26:43.0638 3448  [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
18:26:43.0669 3448  CtClsFlt - ok
18:26:43.0700 3448  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:26:43.0747 3448  DcomLaunch - ok
18:26:43.0762 3448  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:26:43.0809 3448  defragsvc - ok
18:26:43.0825 3448  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:26:43.0872 3448  DfsC - ok
18:26:43.0887 3448  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:26:43.0934 3448  Dhcp - ok
18:26:43.0965 3448  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:26:44.0012 3448  discache - ok
18:26:44.0028 3448  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
18:26:44.0043 3448  Disk - ok
18:26:44.0059 3448  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:26:44.0090 3448  Dnscache - ok
18:26:44.0090 3448  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:26:44.0137 3448  dot3svc - ok
18:26:44.0137 3448  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:26:44.0184 3448  DPS - ok
18:26:44.0199 3448  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:26:44.0230 3448  drmkaud - ok
18:26:44.0246 3448  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:26:44.0277 3448  DXGKrnl - ok
18:26:44.0293 3448  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:26:44.0340 3448  EapHost - ok
18:26:44.0386 3448  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:26:44.0464 3448  ebdrv - ok
18:26:44.0480 3448  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:26:44.0496 3448  EFS - ok
18:26:44.0542 3448  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:26:44.0574 3448  ehRecvr - ok
18:26:44.0589 3448  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:26:44.0605 3448  ehSched - ok
18:26:44.0636 3448  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:26:44.0652 3448  elxstor - ok
18:26:44.0683 3448  [ E47D9D7E6E53892FC97282482F4AE307 ] EMSC            C:\Windows\system32\DRIVERS\EMSC.SYS
18:26:44.0698 3448  EMSC - ok
18:26:44.0698 3448  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:26:44.0714 3448  ErrDev - ok
18:26:44.0745 3448  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:26:44.0792 3448  EventSystem - ok
18:26:44.0870 3448  [ 8B6C9924B0D333DBF76086B8258A0891 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:26:44.0901 3448  EvtEng - ok
18:26:44.0948 3448  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:26:44.0979 3448  exfat - ok
18:26:44.0995 3448  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:26:45.0042 3448  fastfat - ok
18:26:45.0073 3448  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:26:45.0104 3448  Fax - ok
18:26:45.0120 3448  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
18:26:45.0135 3448  fdc - ok
18:26:45.0166 3448  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:26:45.0213 3448  fdPHost - ok
18:26:45.0213 3448  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:26:45.0260 3448  FDResPub - ok
18:26:45.0260 3448  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:26:45.0276 3448  FileInfo - ok
18:26:45.0291 3448  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:26:45.0338 3448  Filetrace - ok
18:26:45.0354 3448  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:26:45.0369 3448  flpydisk - ok
18:26:45.0385 3448  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:26:45.0385 3448  FltMgr - ok
18:26:45.0432 3448  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
18:26:45.0478 3448  FontCache - ok
18:26:45.0510 3448  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:26:45.0525 3448  FontCache3.0.0.0 - ok
18:26:45.0541 3448  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:26:45.0556 3448  FsDepends - ok
18:26:45.0556 3448  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:26:45.0572 3448  Fs_Rec - ok
18:26:45.0588 3448  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:26:45.0603 3448  fvevol - ok
18:26:45.0619 3448  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:26:45.0619 3448  gagp30kx - ok
18:26:45.0650 3448  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:26:45.0666 3448  GEARAspiWDM - ok
18:26:45.0697 3448  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:26:45.0744 3448  gpsvc - ok
18:26:45.0759 3448  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:26:45.0775 3448  hcw85cir - ok
18:26:45.0806 3448  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:26:45.0837 3448  HdAudAddService - ok
18:26:45.0853 3448  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:26:45.0884 3448  HDAudBus - ok
18:26:45.0884 3448  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:26:45.0915 3448  HidBatt - ok
18:26:45.0931 3448  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:26:45.0962 3448  HidBth - ok
18:26:45.0962 3448  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:26:45.0978 3448  HidIr - ok
18:26:45.0993 3448  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:26:46.0024 3448  hidserv - ok
18:26:46.0056 3448  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:26:46.0071 3448  HidUsb - ok
18:26:46.0087 3448  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:26:46.0149 3448  hkmsvc - ok
18:26:46.0165 3448  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:26:46.0196 3448  HomeGroupListener - ok
18:26:46.0212 3448  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:26:46.0243 3448  HomeGroupProvider - ok
18:26:46.0258 3448  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:26:46.0274 3448  HpSAMD - ok
18:26:46.0290 3448  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:26:46.0336 3448  HTTP - ok
18:26:46.0352 3448  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:26:46.0368 3448  hwpolicy - ok
18:26:46.0368 3448  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:26:46.0383 3448  i8042prt - ok
18:26:46.0399 3448  [ D469B77687E12FE43E344806740B624D ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:26:46.0414 3448  iaStor - ok
18:26:46.0446 3448  [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:26:46.0461 3448  IAStorDataMgrSvc - ok
18:26:46.0492 3448  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:26:46.0508 3448  iaStorV - ok
18:26:46.0555 3448  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:26:46.0570 3448  IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:26:46.0570 3448  IDriverT - detected UnsignedFile.Multi.Generic (1)
18:26:46.0617 3448  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:26:46.0633 3448  idsvc - ok
18:26:46.0820 3448  [ 174BCAC474DE13B2650E444CF124828E ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:26:47.0070 3448  igfx - ok
18:26:47.0085 3448  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:26:47.0085 3448  iirsp - ok
18:26:47.0132 3448  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:26:47.0179 3448  IKEEXT - ok
18:26:47.0210 3448  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
18:26:47.0241 3448  Impcd - ok
18:26:47.0319 3448  [ 72A253EFCA059D8CF303371255624890 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:26:47.0350 3448  IntcAzAudAddService - ok
18:26:47.0397 3448  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:26:47.0413 3448  IntcDAud - ok
18:26:47.0428 3448  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:26:47.0444 3448  intelide - ok
18:26:47.0475 3448  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:26:47.0491 3448  intelppm - ok
18:26:47.0506 3448  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:26:47.0553 3448  IPBusEnum - ok
18:26:47.0553 3448  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:26:47.0584 3448  IpFilterDriver - ok
18:26:47.0600 3448  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:26:47.0647 3448  iphlpsvc - ok
18:26:47.0662 3448  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:26:47.0678 3448  IPMIDRV - ok
18:26:47.0694 3448  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:26:47.0725 3448  IPNAT - ok
18:26:47.0756 3448  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:26:47.0787 3448  iPod Service - ok
18:26:47.0818 3448  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:26:47.0850 3448  IRENUM - ok
18:26:47.0865 3448  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:26:47.0881 3448  isapnp - ok
18:26:47.0896 3448  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:26:47.0912 3448  iScsiPrt - ok
18:26:47.0943 3448  [ DF4265062DB60A2A72E8E04C358BD3D1 ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
18:26:47.0943 3448  JMCR - ok
18:26:47.0959 3448  [ 579F26399D4158588AF9B1212FC4CBA0 ] johci           C:\Windows\system32\drivers\johci.sys
18:26:47.0974 3448  johci - ok
18:26:48.0006 3448  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:26:48.0021 3448  kbdclass - ok
18:26:48.0037 3448  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:26:48.0068 3448  kbdhid - ok
18:26:48.0084 3448  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:26:48.0099 3448  KeyIso - ok
18:26:48.0115 3448  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:26:48.0130 3448  KSecDD - ok
18:26:48.0130 3448  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:26:48.0146 3448  KSecPkg - ok
18:26:48.0177 3448  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:26:48.0208 3448  ksthunk - ok
18:26:48.0224 3448  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:26:48.0286 3448  KtmRm - ok
18:26:48.0318 3448  [ EBED8B3FF4A823C1A6EEBEED7B29353F ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
18:26:48.0333 3448  L1C - ok
18:26:48.0364 3448  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:26:48.0411 3448  LanmanServer - ok
18:26:48.0427 3448  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:26:48.0474 3448  LanmanWorkstation - ok
18:26:48.0489 3448  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:26:48.0536 3448  lltdio - ok
18:26:48.0552 3448  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:26:48.0598 3448  lltdsvc - ok
18:26:48.0614 3448  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:26:48.0661 3448  lmhosts - ok
18:26:48.0676 3448  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:26:48.0692 3448  LSI_FC - ok
18:26:48.0692 3448  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:26:48.0708 3448  LSI_SAS - ok
18:26:48.0708 3448  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:26:48.0723 3448  LSI_SAS2 - ok
18:26:48.0723 3448  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:26:48.0739 3448  LSI_SCSI - ok
18:26:48.0770 3448  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:26:48.0801 3448  luafv - ok
18:26:48.0817 3448  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:26:48.0832 3448  Mcx2Svc - ok
18:26:48.0832 3448  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:26:48.0848 3448  megasas - ok
18:26:48.0848 3448  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:26:48.0864 3448  MegaSR - ok
18:26:48.0895 3448  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:26:48.0895 3448  MEIx64 - ok
18:26:48.0926 3448  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:26:48.0973 3448  MMCSS - ok
18:26:48.0988 3448  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:26:49.0020 3448  Modem - ok
18:26:49.0035 3448  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:26:49.0066 3448  monitor - ok
18:26:49.0082 3448  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:26:49.0098 3448  mouclass - ok
18:26:49.0098 3448  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:26:49.0113 3448  mouhid - ok
18:26:49.0144 3448  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:26:49.0144 3448  mountmgr - ok
18:26:49.0207 3448  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:26:49.0207 3448  MozillaMaintenance - ok
18:26:49.0222 3448  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:26:49.0238 3448  mpio - ok
18:26:49.0254 3448  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:26:49.0285 3448  mpsdrv - ok
18:26:49.0316 3448  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:26:49.0363 3448  MpsSvc - ok
18:26:49.0363 3448  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:26:49.0394 3448  MRxDAV - ok
18:26:49.0394 3448  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:26:49.0410 3448  mrxsmb - ok
18:26:49.0425 3448  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:26:49.0456 3448  mrxsmb10 - ok
18:26:49.0456 3448  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:26:49.0472 3448  mrxsmb20 - ok
18:26:49.0472 3448  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:26:49.0488 3448  msahci - ok
18:26:49.0503 3448  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:26:49.0519 3448  msdsm - ok
18:26:49.0534 3448  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:26:49.0550 3448  MSDTC - ok
18:26:49.0566 3448  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:26:49.0612 3448  Msfs - ok
18:26:49.0628 3448  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:26:49.0659 3448  mshidkmdf - ok
18:26:49.0659 3448  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:26:49.0675 3448  msisadrv - ok
18:26:49.0690 3448  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:26:49.0737 3448  MSiSCSI - ok
18:26:49.0737 3448  msiserver - ok
18:26:49.0753 3448  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:26:49.0800 3448  MSKSSRV - ok
18:26:49.0815 3448  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:26:49.0846 3448  MSPCLOCK - ok
18:26:49.0862 3448  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:26:49.0893 3448  MSPQM - ok
18:26:49.0909 3448  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:26:49.0924 3448  MsRPC - ok
18:26:49.0940 3448  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:26:49.0956 3448  mssmbios - ok
18:26:49.0971 3448  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:26:50.0018 3448  MSTEE - ok
18:26:50.0018 3448  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:26:50.0034 3448  MTConfig - ok
18:26:50.0049 3448  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:26:50.0065 3448  Mup - ok
18:26:50.0096 3448  [ 6ED8935257672F4CD04A88A0F3DE093D ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:26:50.0112 3448  MyWiFiDHCPDNS - ok
18:26:50.0143 3448  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:26:50.0190 3448  napagent - ok
18:26:50.0236 3448  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:26:50.0268 3448  NativeWifiP - ok
18:26:50.0314 3448  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:26:50.0346 3448  NDIS - ok
18:26:50.0361 3448  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:26:50.0392 3448  NdisCap - ok
18:26:50.0408 3448  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:26:50.0439 3448  NdisTapi - ok
18:26:50.0439 3448  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:26:50.0486 3448  Ndisuio - ok
18:26:50.0486 3448  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:26:50.0533 3448  NdisWan - ok
18:26:50.0533 3448  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:26:50.0564 3448  NDProxy - ok
18:26:50.0580 3448  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:26:50.0626 3448  NetBIOS - ok
18:26:50.0626 3448  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:26:50.0658 3448  NetBT - ok
18:26:50.0673 3448  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:26:50.0689 3448  Netlogon - ok
18:26:50.0736 3448  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:26:50.0782 3448  Netman - ok
18:26:50.0798 3448  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:50.0814 3448  NetMsmqActivator - ok
18:26:50.0814 3448  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:50.0829 3448  NetPipeActivator - ok
18:26:50.0845 3448  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:26:50.0876 3448  netprofm - ok
18:26:50.0892 3448  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:50.0892 3448  NetTcpActivator - ok
18:26:50.0907 3448  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:26:50.0907 3448  NetTcpPortSharing - ok
18:26:51.0048 3448  [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
18:26:51.0235 3448  NETwNs64 - ok
18:26:51.0266 3448  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:26:51.0282 3448  nfrd960 - ok
18:26:51.0313 3448  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:26:51.0360 3448  NlaSvc - ok
18:26:51.0360 3448  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:26:51.0406 3448  Npfs - ok
18:26:51.0406 3448  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:26:51.0453 3448  nsi - ok
18:26:51.0469 3448  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:26:51.0500 3448  nsiproxy - ok
18:26:51.0547 3448  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:26:51.0578 3448  Ntfs - ok
18:26:51.0594 3448  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:26:51.0625 3448  Null - ok
18:26:51.0656 3448  [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
18:26:51.0672 3448  nusb3hub - ok
18:26:51.0703 3448  [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:26:51.0718 3448  nusb3xhc - ok
18:26:51.0921 3448  [ D5DEA2C1865CAB9EE6AA29CF9E79A2CE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:26:52.0093 3448  nvlddmkm - ok
18:26:52.0108 3448  [ 5EF70F7714C664BCF50EDFC141DEA9B8 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
18:26:52.0124 3448  nvpciflt - ok
18:26:52.0140 3448  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:26:52.0155 3448  nvraid - ok
18:26:52.0155 3448  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:26:52.0171 3448  nvstor - ok
18:26:52.0218 3448  [ 5A4AF8EA634B4FEEAF6F16BB1845715A ] NVSvc           C:\Windows\system32\nvvsvc.exe
18:26:52.0249 3448  NVSvc - ok
18:26:52.0311 3448  [ 4B7636C52A359AB0783B350A5FBDBB49 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
18:26:52.0342 3448  nvUpdatusService - ok
18:26:52.0374 3448  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:26:52.0374 3448  nv_agp - ok
18:26:52.0389 3448  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
18:26:52.0420 3448  ohci1394 - ok
18:26:52.0467 3448  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:26:52.0483 3448  ose - ok
18:26:52.0608 3448  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:26:52.0701 3448  osppsvc - ok
18:26:52.0748 3448  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:26:52.0779 3448  p2pimsvc - ok
18:26:52.0795 3448  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:26:52.0810 3448  p2psvc - ok
18:26:52.0842 3448  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
18:26:52.0857 3448  Parport - ok
18:26:52.0873 3448  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:26:52.0888 3448  partmgr - ok
18:26:52.0998 3448  [ A3333663E400B6327E0A0B98CAD20A24 ] PC Performer Manager C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe
18:26:53.0029 3448  PC Performer Manager - ok
18:26:53.0060 3448  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:26:53.0091 3448  PcaSvc - ok
18:26:53.0107 3448  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:26:53.0122 3448  pci - ok
18:26:53.0138 3448  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:26:53.0154 3448  pciide - ok
18:26:53.0154 3448  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:26:53.0169 3448  pcmcia - ok
18:26:53.0169 3448  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:26:53.0185 3448  pcw - ok
18:26:53.0200 3448  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:26:53.0247 3448  PEAUTH - ok
18:26:53.0310 3448  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:26:53.0341 3448  PerfHost - ok
18:26:53.0372 3448  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:26:53.0434 3448  pla - ok
18:26:53.0466 3448  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:26:53.0497 3448  PlugPlay - ok
18:26:53.0512 3448  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:26:53.0544 3448  PNRPAutoReg - ok
18:26:53.0559 3448  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:26:53.0590 3448  PNRPsvc - ok
18:26:53.0606 3448  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:26:53.0653 3448  PolicyAgent - ok
18:26:53.0668 3448  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
18:26:53.0700 3448  Power - ok
18:26:53.0715 3448  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:26:53.0762 3448  PptpMiniport - ok
18:26:53.0778 3448  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
18:26:53.0793 3448  Processor - ok
18:26:53.0840 3448  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:26:53.0871 3448  ProfSvc - ok
18:26:53.0887 3448  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:26:53.0887 3448  ProtectedStorage - ok
18:26:53.0918 3448  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:26:53.0949 3448  Psched - ok
18:26:53.0996 3448  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:26:54.0043 3448  ql2300 - ok
18:26:54.0043 3448  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:26:54.0058 3448  ql40xx - ok
18:26:54.0074 3448  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:26:54.0090 3448  QWAVE - ok
18:26:54.0105 3448  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:26:54.0121 3448  QWAVEdrv - ok
18:26:54.0121 3448  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:26:54.0168 3448  RasAcd - ok
18:26:54.0199 3448  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:26:54.0230 3448  RasAgileVpn - ok
18:26:54.0261 3448  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:26:54.0308 3448  RasAuto - ok
18:26:54.0324 3448  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:26:54.0355 3448  Rasl2tp - ok
18:26:54.0370 3448  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:26:54.0417 3448  RasMan - ok
18:26:54.0417 3448  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:26:54.0464 3448  RasPppoe - ok
18:26:54.0464 3448  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:26:54.0495 3448  RasSstp - ok
18:26:54.0511 3448  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:26:54.0558 3448  rdbss - ok
18:26:54.0558 3448  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
18:26:54.0589 3448  rdpbus - ok
18:26:54.0604 3448  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:26:54.0636 3448  RDPCDD - ok
18:26:54.0651 3448  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:26:54.0698 3448  RDPENCDD - ok
18:26:54.0714 3448  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:26:54.0745 3448  RDPREFMP - ok
18:26:54.0776 3448  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:26:54.0792 3448  RDPWD - ok
18:26:54.0807 3448  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:26:54.0823 3448  rdyboost - ok
18:26:54.0870 3448  [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:26:54.0901 3448  RegSrvc - ok
18:26:54.0916 3448  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:26:54.0963 3448  RemoteAccess - ok
18:26:54.0979 3448  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:26:55.0010 3448  RemoteRegistry - ok
18:26:55.0041 3448  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:26:55.0072 3448  RFCOMM - ok
18:26:55.0088 3448  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:26:55.0135 3448  RpcEptMapper - ok
18:26:55.0150 3448  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:26:55.0166 3448  RpcLocator - ok
18:26:55.0182 3448  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:26:55.0228 3448  RpcSs - ok
18:26:55.0244 3448  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:26:55.0275 3448  rspndr - ok
18:26:55.0291 3448  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:26:55.0306 3448  SamSs - ok
18:26:55.0322 3448  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:26:55.0322 3448  sbp2port - ok
18:26:55.0338 3448  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:26:55.0384 3448  SCardSvr - ok
18:26:55.0416 3448  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:26:55.0462 3448  scfilter - ok
18:26:55.0494 3448  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:26:55.0540 3448  Schedule - ok
18:26:55.0572 3448  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:26:55.0603 3448  SCPolicySvc - ok
18:26:55.0603 3448  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:26:55.0634 3448  SDRSVC - ok
18:26:55.0665 3448  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:26:55.0696 3448  secdrv - ok
18:26:55.0728 3448  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:26:55.0759 3448  seclogon - ok
18:26:55.0774 3448  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:26:55.0821 3448  SENS - ok
18:26:55.0821 3448  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:26:55.0852 3448  SensrSvc - ok
18:26:55.0868 3448  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:26:55.0884 3448  Serenum - ok
18:26:55.0899 3448  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
18:26:55.0915 3448  Serial - ok
18:26:55.0930 3448  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:26:55.0962 3448  sermouse - ok
18:26:55.0993 3448  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:26:56.0024 3448  SessionEnv - ok
18:26:56.0040 3448  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:26:56.0055 3448  sffdisk - ok
18:26:56.0055 3448  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:26:56.0071 3448  sffp_mmc - ok
18:26:56.0071 3448  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:26:56.0102 3448  sffp_sd - ok
18:26:56.0102 3448  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:26:56.0118 3448  sfloppy - ok
18:26:56.0211 3448  [ 4215C271D6E6898C3F4DABAB4F387DC9 ] SftService      C:\Program Files (x86)\AlienRespawn\sftservice.EXE
18:26:56.0242 3448  SftService - ok
18:26:56.0258 3448  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:26:56.0305 3448  SharedAccess - ok
18:26:56.0320 3448  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:26:56.0367 3448  ShellHWDetection - ok
18:26:56.0398 3448  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:26:56.0398 3448  SiSRaid2 - ok
18:26:56.0414 3448  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:26:56.0414 3448  SiSRaid4 - ok
18:26:56.0430 3448  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:26:56.0461 3448  Smb - ok
18:26:56.0492 3448  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:26:56.0508 3448  SNMPTRAP - ok
18:26:56.0523 3448  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:26:56.0539 3448  spldr - ok
18:26:56.0554 3448  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:26:56.0586 3448  Spooler - ok
18:26:56.0648 3448  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:26:56.0726 3448  sppsvc - ok
18:26:56.0726 3448  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:26:56.0773 3448  sppuinotify - ok
18:26:56.0788 3448  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:26:56.0820 3448  srv - ok
18:26:56.0835 3448  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:26:56.0866 3448  srv2 - ok
18:26:56.0866 3448  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:26:56.0882 3448  srvnet - ok
18:26:56.0913 3448  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:26:56.0944 3448  SSDPSRV - ok
18:26:56.0944 3448  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:26:56.0976 3448  SstpSvc - ok
18:26:57.0007 3448  [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
18:26:57.0022 3448  stdcfltn - ok
18:26:57.0069 3448  [ 79969ACAEEBEDA7DC3673656AB9918FD ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:26:57.0085 3448  Stereo Service - ok
18:26:57.0100 3448  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:26:57.0116 3448  stexstor - ok
18:26:57.0147 3448  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:26:57.0178 3448  stisvc - ok
18:26:57.0194 3448  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:26:57.0210 3448  swenum - ok
18:26:57.0225 3448  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:26:57.0288 3448  swprv - ok
18:26:57.0334 3448  [ DDBE73EA697AB792A049D2126B951E29 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:26:57.0350 3448  SynTP - ok
18:26:57.0412 3448  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:26:57.0459 3448  SysMain - ok
18:26:57.0459 3448  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:26:57.0490 3448  TabletInputService - ok
18:26:57.0506 3448  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:26:57.0553 3448  TapiSrv - ok
18:26:57.0568 3448  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:26:57.0600 3448  TBS - ok
18:26:57.0662 3448  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:26:57.0693 3448  Tcpip - ok
18:26:57.0724 3448  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:26:57.0756 3448  TCPIP6 - ok
18:26:57.0787 3448  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:26:57.0818 3448  tcpipreg - ok
18:26:57.0834 3448  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:26:57.0865 3448  TDPIPE - ok
18:26:57.0865 3448  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:26:57.0880 3448  TDTCP - ok
18:26:57.0880 3448  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:26:57.0912 3448  tdx - ok
18:26:57.0927 3448  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:26:57.0927 3448  TermDD - ok
18:26:57.0958 3448  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:26:58.0005 3448  TermService - ok
18:26:58.0021 3448  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:26:58.0036 3448  Themes - ok
18:26:58.0068 3448  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:26:58.0099 3448  THREADORDER - ok
18:26:58.0114 3448  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:26:58.0146 3448  TrkWks - ok
18:26:58.0192 3448  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:26:58.0239 3448  TrustedInstaller - ok
18:26:58.0255 3448  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:26:58.0302 3448  tssecsrv - ok
18:26:58.0317 3448  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:26:58.0333 3448  TsUsbFlt - ok
18:26:58.0348 3448  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:26:58.0364 3448  TsUsbGD - ok
18:26:58.0442 3448  [ 25E302D93CBDFA1D1269FE3C41B94390 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
18:26:58.0473 3448  TuneUp.UtilitiesSvc - ok
18:26:58.0489 3448  [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
18:26:58.0504 3448  TuneUpUtilitiesDrv - ok
18:26:58.0520 3448  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:26:58.0567 3448  tunnel - ok
18:26:58.0582 3448  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:26:58.0598 3448  uagp35 - ok
18:26:58.0614 3448  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:26:58.0660 3448  udfs - ok
18:26:58.0692 3448  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:26:58.0707 3448  UI0Detect - ok
18:26:58.0738 3448  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:26:58.0738 3448  uliagpkx - ok
18:26:58.0770 3448  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:26:58.0785 3448  umbus - ok
18:26:58.0801 3448  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:26:58.0832 3448  UmPass - ok
18:26:58.0863 3448  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:26:58.0910 3448  upnphost - ok
18:26:58.0926 3448  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:26:58.0941 3448  usbccgp - ok
18:26:58.0957 3448  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:26:58.0972 3448  usbcir - ok
18:26:58.0988 3448  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:26:59.0019 3448  usbehci - ok
18:26:59.0035 3448  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:26:59.0050 3448  usbhub - ok
18:26:59.0050 3448  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:26:59.0082 3448  usbohci - ok
18:26:59.0097 3448  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
18:26:59.0113 3448  usbprint - ok
18:26:59.0144 3448  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:26:59.0160 3448  USBSTOR - ok
18:26:59.0175 3448  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:26:59.0191 3448  usbuhci - ok
18:26:59.0222 3448  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
18:26:59.0238 3448  usbvideo - ok
18:26:59.0253 3448  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:26:59.0300 3448  UxSms - ok
18:26:59.0316 3448  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:26:59.0331 3448  VaultSvc - ok
18:26:59.0347 3448  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:26:59.0362 3448  vdrvroot - ok
18:26:59.0378 3448  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:26:59.0425 3448  vds - ok
18:26:59.0440 3448  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:26:59.0456 3448  vga - ok
18:26:59.0472 3448  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:26:59.0503 3448  VgaSave - ok
18:26:59.0518 3448  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:26:59.0518 3448  vhdmp - ok
18:26:59.0534 3448  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:26:59.0550 3448  viaide - ok
18:26:59.0565 3448  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:26:59.0581 3448  volmgr - ok
18:26:59.0581 3448  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:26:59.0596 3448  volmgrx - ok
18:26:59.0612 3448  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:26:59.0628 3448  volsnap - ok
18:26:59.0628 3448  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:26:59.0643 3448  vsmraid - ok
18:26:59.0690 3448  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:26:59.0752 3448  VSS - ok
18:26:59.0752 3448  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:26:59.0784 3448  vwifibus - ok
18:26:59.0799 3448  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:26:59.0815 3448  vwififlt - ok
18:26:59.0830 3448  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:26:59.0862 3448  vwifimp - ok
18:26:59.0893 3448  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:26:59.0924 3448  W32Time - ok
18:26:59.0940 3448  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:26:59.0971 3448  WacomPen - ok
18:27:00.0002 3448  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:27:00.0049 3448  WANARP - ok
18:27:00.0049 3448  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:27:00.0080 3448  Wanarpv6 - ok
18:27:00.0158 3448  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:27:00.0189 3448  WatAdminSvc - ok
18:27:00.0236 3448  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:27:00.0267 3448  wbengine - ok
18:27:00.0283 3448  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:27:00.0298 3448  WbioSrvc - ok
18:27:00.0314 3448  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:27:00.0330 3448  wcncsvc - ok
18:27:00.0361 3448  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:27:00.0376 3448  WcsPlugInService - ok
18:27:00.0392 3448  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
18:27:00.0408 3448  Wd - ok
18:27:00.0423 3448  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:27:00.0454 3448  Wdf01000 - ok
18:27:00.0470 3448  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:27:00.0486 3448  WdiServiceHost - ok
18:27:00.0486 3448  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:27:00.0517 3448  WdiSystemHost - ok
18:27:00.0532 3448  [ 94DC2BF6CBAAA95E369C3756D3115A76 ] wdkmd           C:\Windows\system32\DRIVERS\WDKMD.sys
18:27:00.0548 3448  wdkmd - ok
18:27:00.0564 3448  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:27:00.0595 3448  WebClient - ok
18:27:00.0610 3448  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:27:00.0657 3448  Wecsvc - ok
18:27:00.0657 3448  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:27:00.0704 3448  wercplsupport - ok
18:27:00.0735 3448  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:27:00.0766 3448  WerSvc - ok
18:27:00.0798 3448  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:27:00.0829 3448  WfpLwf - ok
18:27:00.0891 3448  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
18:27:00.0907 3448  WimFltr - ok
18:27:00.0907 3448  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:27:00.0922 3448  WIMMount - ok
18:27:00.0938 3448  WinDefend - ok
18:27:00.0938 3448  WinHttpAutoProxySvc - ok
18:27:00.0985 3448  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:27:01.0016 3448  Winmgmt - ok
18:27:01.0078 3448  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:27:01.0125 3448  WinRM - ok
18:27:01.0172 3448  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:27:01.0203 3448  WinUsb - ok
18:27:01.0234 3448  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:27:01.0266 3448  Wlansvc - ok
18:27:01.0281 3448  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:27:01.0312 3448  WmiAcpi - ok
18:27:01.0328 3448  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:27:01.0359 3448  wmiApSrv - ok
18:27:01.0390 3448  WMPNetworkSvc - ok
18:27:01.0422 3448  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:27:01.0437 3448  WPCSvc - ok
18:27:01.0437 3448  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:27:01.0468 3448  WPDBusEnum - ok
18:27:01.0484 3448  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:27:01.0515 3448  ws2ifsl - ok
18:27:01.0515 3448  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:27:01.0546 3448  wscsvc - ok
18:27:01.0546 3448  WSearch - ok
18:27:01.0609 3448  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:27:01.0640 3448  wuauserv - ok
18:27:01.0656 3448  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:27:01.0702 3448  WudfPf - ok
18:27:01.0734 3448  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:27:01.0780 3448  WUDFRd - ok
18:27:01.0796 3448  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:27:01.0827 3448  wudfsvc - ok
18:27:01.0843 3448  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:27:01.0874 3448  WwanSvc - ok
18:27:01.0890 3448  ================ Scan global ===============================
18:27:01.0905 3448  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:27:01.0936 3448  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
18:27:01.0952 3448  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
18:27:01.0968 3448  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:27:01.0983 3448  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:27:01.0983 3448  [Global] - ok
18:27:01.0983 3448  ================ Scan MBR ==================================
18:27:01.0999 3448  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:27:02.0389 3448  \Device\Harddisk0\DR0 - ok
18:27:02.0389 3448  ================ Scan VBR ==================================
18:27:02.0420 3448  [ 64AA18254AB3B7F0920E8AE672BB3289 ] \Device\Harddisk0\DR0\Partition1
18:27:02.0436 3448  \Device\Harddisk0\DR0\Partition1 - ok
18:27:02.0436 3448  [ 34CDE3BCD899937367BD768C798D560C ] \Device\Harddisk0\DR0\Partition2
18:27:02.0436 3448  \Device\Harddisk0\DR0\Partition2 - ok
18:27:02.0436 3448  ============================================================
18:27:02.0436 3448  Scan finished
18:27:02.0436 3448  ============================================================
18:27:02.0451 2520  Detected object count: 1
18:27:02.0451 2520  Actual detected object count: 1
18:27:12.0966 2520  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:12.0966 2520  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:21.0530 2552  Deinitialize success

cosinus · 09.11.2012, 20:18

Zitat:

ASWMBR Stürzt mit der Fehlermeldung ASWMBR Funktioniert nicht mehr ab.

Anleitung bitte komplett lesen, danke

Blaek · 10.11.2012, 13:37

Natürlich, ab jetzt jetzt bemüh ich mich

hier das Log:

Code:

ATTFilter

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-10 13:33:00
-----------------------------
13:33:00.395    OS Version: Windows x64 6.1.7601 Service Pack 1
13:33:00.395    Number of processors: 4 586 0x2A07
13:33:00.395    ComputerName: ATENCIONE  UserName: Samy
13:33:01.549    Initialize success
13:33:01.612    AVAST engine defs: 12111001
13:33:07.805    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:33:07.805    Disk 0 Vendor: Hitachi_ JF3O Size: 476940MB BusType: 3
13:33:07.820    Disk 0 MBR read successfully
13:33:07.820    Disk 0 MBR scan
13:33:07.820    Disk 0 Windows VISTA default MBR code
13:33:07.836    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63
13:33:07.836    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        19182 MB offset 81920
13:33:07.852    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       457717 MB offset 39366656
13:33:07.867    Disk 0 scanning C:\Windows\system32\drivers
13:33:11.689    Service scanning
13:33:25.667    Modules scanning
13:33:25.682    Disk 0 trace - called modules:
13:33:25.698    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll 
13:33:25.698    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006be5060]
13:33:25.714    3 CLASSPNP.SYS[fffff88001a4d43f] -> nt!IofCallDriver -> [0xfffffa8006a8a8e0]
13:33:25.714    5 stdcfltn.sys[fffff880017ddc52] -> nt!IofCallDriver -> [0xfffffa8005090630]
13:33:25.714    7 ACPI.sys[fffff88000ede7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8005091050]
13:33:25.714    Scan finished successfully
13:35:03.729    Disk 0 MBR has been saved successfully to "C:\Users\Samy\Desktop\MBR.dat"
13:35:03.744    The log file has been saved successfully to "C:\Users\Samy\Desktop\aswMBR.txt"

cosinus · 11.11.2012, 21:13

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Blaek · 11.11.2012, 22:17

Code:

ATTFilter

# AdwCleaner v2.007 - Datei am 11/11/2012 um 22:12:39 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Samy - ATENCIONE
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Samy\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : PC Performer Manager

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Ordner Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\ProgramData\pc performer manager
Ordner Gefunden : C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gefunden : C:\Users\Samy\AppData\Roaming\Babylon

***** [Registrierungsdatenbank] *****

Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\pcperf~1\24897~1.175\{61d8b~1\pcpmngr.dll
Schlüssel Gefunden : HKCU\Software\APN PIP
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\PIP
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\PIP
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKU\S-1-5-21-2860004905-1908891862-404860254-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D0F4A166-B8D4-48b8-9D63-80849FE137CB}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\Samy\AppData\Roaming\Mozilla\Firefox\Profiles\ua35gfhx.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.368] : urls_to_restore_on_startup ="session" : {"restore_on_startup": 4,  [ "hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9" ]}

*************************

AdwCleaner[R1].txt - [3287 octets] - [11/11/2012 22:12:39]

########## EOF - C:\AdwCleaner[R1].txt - [3347 octets] ##########

cosinus · 11.11.2012, 22:20

Versuch bitte alle im adwCleaner-Log erwähnten Einträge (wie zB IBUpdaterService oder Babylon) über die Systemsteuerung zu deinstallieren, danach ein neues Suchlog mit dem adwCleaner machen.
Reste und was sich nicht deinstallieren lassen will machen wir mit dem adwCleaner weg.

Blaek · 12.11.2012, 18:44

Finde keines der aufgeführten Programm (Babylon, IB, PcPerformer) in der Systemsteuerung unter Programme und Funktionen

cosinus · 12.11.2012, 18:50

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in CODE-Tags hier in den Thread.

Blaek · 12.11.2012, 19:57

adw:

Code:

ATTFilter

# AdwCleaner v2.007 - Datei am 12/11/2012 um 19:47:57 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Samy - ATENCIONE
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Samy\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : PC Performer Manager

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Gelöscht mit Neustart : C:\ProgramData\pc performer manager
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gelöscht : C:\Users\Samy\AppData\Roaming\Babylon

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\pcperf~1\24897~1.175\{61d8b~1\pcpmngr.dll
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKU\S-1-5-21-2860004905-1908891862-404860254-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9 --> hxxp://www.google.com
Gelöscht : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page]

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\Samy\AppData\Roaming\Mozilla\Firefox\Profiles\ua35gfhx.default\prefs.js

C:\Users\Samy\AppData\Roaming\Mozilla\Firefox\Profiles\ua35gfhx.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.368] : urls_to_restore_on_startup ="session" : {"restore_on_startup": 4,  [ "hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9" ]}

*************************

AdwCleaner[R1].txt - [3414 octets] - [11/11/2012 22:12:39]
AdwCleaner[S1].txt - [3270 octets] - [12/11/2012 19:47:57]

########## EOF - C:\AdwCleaner[S1].txt - [3330 octets] ##########

OTL:

Code:

ATTFilter

OTL logfile created on: 12.11.2012 19:50:15 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Samy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,96 Gb Available Physical Memory | 75,07% Memory free
7,90 Gb Paging File | 6,89 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,99 Gb Total Space | 418,74 Gb Free Space | 93,68% Space Free | Partition Type: NTFS
 
Computer Name: ATENCIONE | User Name: Samy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Samy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SftService) -- C:\Program Files (x86)\AlienRespawn\sftservice.EXE (SoftThinks SAS)
SRV - (AlienFusionService) -- C:\Programme\Alienware\Command Center\AlienFusionService.exe (Alienware)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (nvkflt) -- C:\WINDOWS\SysNative\drivers\nvkflt.sys (NVIDIA Corporation)
DRV:64bit: - (nvpciflt) -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\WINDOWS\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\WINDOWS\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (nusb3xhc) -- C:\WINDOWS\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\WINDOWS\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MEIx64) -- C:\WINDOWS\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (NETwNs64) -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (JMCR) -- C:\WINDOWS\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (SynTP) -- C:\WINDOWS\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (CtClsFlt) -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (iaStor) -- C:\WINDOWS\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (Acceler) -- C:\WINDOWS\SysNative\drivers\Accelern.sys (ST Microelectronics)
DRV:64bit: - (johci) -- C:\WINDOWS\SysNative\drivers\johci.sys (JMicron Technology Corp.)
DRV:64bit: - (L1C) -- C:\WINDOWS\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (wdkmd) -- C:\WINDOWS\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (stdcfltn) -- C:\WINDOWS\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (btwampfl) -- C:\WINDOWS\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\WINDOWS\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\WINDOWS\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (Impcd) -- C:\WINDOWS\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\WINDOWS\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (EMSC) -- C:\WINDOWS\SysNative\drivers\EMSC.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ebdrv) -- C:\WINDOWS\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\WINDOWS\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (EMSC) -- C:\WINDOWS\SysWOW64\drivers\EMSC.sys (Windows (R) Win 7 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2860004905-1908891862-404860254-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.alienwarearena.com/welcome-at
IE - HKU\S-1-5-21-2860004905-1908891862-404860254-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2860004905-1908891862-404860254-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2860004905-1908891862-404860254-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2860004905-1908891862-404860254-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2860004905-1908891862-404860254-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Samy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.04 11:08:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.06 17:32:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension
 
[2012.11.06 17:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samy\AppData\Roaming\mozilla\Extensions
[2012.11.06 17:34:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samy\AppData\Roaming\mozilla\Firefox\Profiles\ua35gfhx.default\extensions
[2012.11.06 17:34:35 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Samy\AppData\Roaming\mozilla\firefox\profiles\ua35gfhx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.12 19:47:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.11 01:27:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.11.04 11:08:28 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.claro-search.com/?affID=114506&tt=311012_ctrl_4412_5&babsrc=HP_clro&mntrId=de8be9b20000000000008c705a86f8d9
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Users\Samy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4 - HKLM..\Run: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Webcam Live! Central] C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2860004905-1908891862-404860254-1001..\Run: [Akamai NetSession Interface] C:\Users\Samy\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-2860004905-1908891862-404860254-1001..\Run: [Facebook Update] C:\Users\Samy\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Samy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Samy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2860004905-1908891862-404860254-1001\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05B0F977-C58A-4B89-8E52-57F3DAAFE809}: DhcpNameServer = 212.186.211.21 195.34.133.21 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA8A5B2A-7CF9-4544-9FB6-6C7BEACD850A}: DhcpNameServer = 100.170.1.6
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\avatarimport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\avfximport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\dslauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\iastorui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\imfrmwrk.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\panui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pcdlauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\stageremote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\webcamint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\avatarimport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\avfximport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\dslauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\iastorui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\imfrmwrk.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\panui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pcdlauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\stageremote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\webcamint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk /r \??\Y:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.11 22:37:14 | 000,000,000 | ---D | C] -- C:\Users\Samy\Desktop\Ds komische Sachen - Bitte am Desktop lassen!
[2012.11.11 01:27:13 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Skype
[2012.11.11 01:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.11 01:27:08 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.11.11 01:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.11.11 01:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.11.10 16:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.11.10 16:31:12 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.11.10 16:31:12 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.11.10 16:31:12 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.11.10 16:31:12 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.11.10 16:31:12 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.11.10 16:31:12 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.11.10 16:31:12 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.11.10 16:31:12 | 007,697,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.11.10 16:31:12 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012.11.10 16:31:12 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012.11.10 16:31:12 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.11.10 16:31:12 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.11.10 16:31:12 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.11.10 16:31:12 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.11.10 16:31:12 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012.11.10 16:31:11 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.11.10 16:31:11 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.11.10 16:31:11 | 000,284,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvkflt.sys
[2012.11.10 16:31:11 | 000,030,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012.11.10 16:29:15 | 000,000,000 | ---D | C] -- C:\Dell
[2012.11.10 16:25:44 | 000,000,000 | ---D | C] -- C:\SeaTemp
[2012.11.10 16:09:23 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
[2012.11.10 16:09:15 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Deployment
[2012.11.10 16:09:15 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Apps
[2012.11.10 14:57:31 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Akamai
[2012.11.10 14:29:53 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Dell
[2012.11.10 14:29:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienAutopsy
[2012.11.10 14:29:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012.11.10 14:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\AlienAutopsy
[2012.11.10 14:28:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2012.11.10 14:28:08 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\PCDr
[2012.11.09 18:25:42 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Samy\Desktop\tdsskiller.exe
[2012.11.09 18:18:43 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Samy\Desktop\aswMBR.exe
[2012.11.06 17:46:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Samy\Desktop\OTL.exe
[2012.11.06 17:32:32 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Mozilla
[2012.11.06 17:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.06 17:31:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012.11.06 17:31:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012.11.06 14:14:13 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Facebook
[2012.11.04 21:25:23 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\PerformerSoft
[2012.11.04 21:25:22 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012.11.04 21:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Performer Manager
[2012.11.04 21:25:03 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\PhotoScape
[2012.11.04 21:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2012.11.04 21:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2012.11.04 21:24:26 | 018,376,624 | ---- | C] (Mooii) -- C:\Users\Samy\Desktop\PhotoScape_V3.6.2.exe
[2012.11.04 11:08:09 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\WinRAR
[2012.11.04 11:08:09 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.04 11:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.04 11:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.10.31 16:59:43 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Adobe
[2012.10.29 02:04:50 | 000,000,000 | ---D | C] -- C:\Users\Samy\Documents\Sumsi
[2012.10.27 22:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.16 20:25:48 | 000,000,000 | ---D | C] -- C:\Users\Samy\Documents\Schule
[2012.10.14 16:48:29 | 000,000,000 | ---D | C] -- C:\Windows\AutoRearm
[2012.10.14 16:48:07 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2012.10.14 16:32:38 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.10.14 16:32:37 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.10.14 16:32:37 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.10.14 16:32:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.10.14 16:32:31 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\TuneUp Software
[2012.10.14 16:32:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2012.10.14 16:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.10.14 16:32:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.10.14 16:32:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.10.14 16:27:14 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Diagnostics
[2012.10.14 15:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.10.14 15:40:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.10.14 15:40:24 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.10.14 15:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.10.14 15:38:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012.10.14 15:38:13 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Microsoft Help
[2012.10.14 15:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.10.14 15:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.10.14 15:37:48 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.10.14 09:56:28 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Mozilla
[2012.10.14 09:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.10.14 09:48:09 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Macromedia
[2012.10.14 09:47:50 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.10.14 09:47:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.10.14 09:47:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.10.14 09:47:38 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.14 09:47:38 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.14 09:47:37 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.14 09:47:36 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.10.14 09:47:36 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.10.14 09:47:32 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.14 09:47:32 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.14 09:47:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.14 09:47:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.14 09:47:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.14 09:47:32 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.14 09:47:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.14 09:47:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.14 09:47:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.14 09:47:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.14 09:47:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.14 09:47:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.14 09:47:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.14 09:47:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.14 09:47:32 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.14 09:47:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.14 09:47:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.14 09:47:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.10.14 09:47:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.10.14 09:47:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.10.14 09:47:28 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.10.14 09:47:27 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.10.14 09:47:27 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.10.14 09:47:27 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.10.14 09:47:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.10.14 09:47:26 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.10.14 09:47:26 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.10.14 09:47:26 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.10.14 09:47:24 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.10.14 09:47:17 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.10.14 09:46:51 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.10.14 09:46:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.10.14 09:46:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.10.14 09:46:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.10.14 09:46:46 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.10.14 09:46:36 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.10.14 09:46:34 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.10.14 09:46:34 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.10.14 09:46:32 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.10.14 09:46:32 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.10.14 09:46:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.10.14 09:46:30 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.10.14 09:46:30 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.10.14 09:45:13 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Google
[2012.10.14 09:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.10.14 09:45:11 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.10.14 09:45:11 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.10.14 09:45:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.10.14 09:45:09 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.10.14 09:45:08 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.10.14 09:45:08 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.10.14 09:45:05 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.10.14 09:45:05 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.10.14 09:44:33 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.14 09:44:32 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.10.14 09:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.10.14 09:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.10.14 09:39:35 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Adobe
[2012.10.14 09:37:44 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.10.14 09:37:44 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.10.14 09:37:44 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.10.14 09:37:42 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.10.14 09:37:42 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.10.14 09:37:42 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.10.14 09:37:39 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.10.14 09:37:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.10.13 21:13:18 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.13 21:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.10.13 21:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.10.13 21:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.10.13 21:12:23 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\DVDVideoSoft
[2012.10.13 21:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012.10.13 20:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012.10.13 20:48:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2012.10.13 20:45:22 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Roaming\Apple Computer
[2012.10.13 20:45:22 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Apple Computer
[2012.10.13 20:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.10.13 20:45:18 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012.10.13 20:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.10.13 20:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.10.13 20:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.10.13 20:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.10.13 20:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.10.13 20:44:48 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Apple
[2012.10.13 20:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.10.13 20:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.10.13 20:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.10.13 20:44:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.10.13 20:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.10.13 20:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.10.13 20:38:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.10.13 20:38:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.10.13 20:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.10.13 20:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.10.13 20:28:14 | 000,000,000 | ---D | C] -- C:\Users\Samy\AppData\Local\Macromedia
[2012.10.13 20:23:33 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.10.13 20:16:59 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.10.13 20:16:59 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.10.13 20:16:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.10.13 20:16:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.10.13 20:16:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.10.13 20:16:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.10.13 20:16:58 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.10.13 20:16:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.10.13 20:16:57 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.10.13 20:16:57 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.10.13 20:16:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.10.13 20:16:56 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.10.13 20:16:55 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.10.13 20:16:55 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.10.13 20:16:55 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.12 19:48:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.12 19:46:42 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.12 17:58:47 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.12 17:58:47 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.12 17:55:56 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.12 17:55:56 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.12 17:55:56 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.12 17:55:56 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.12 17:55:56 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.11 22:12:06 | 000,541,569 | ---- | M] () -- C:\Users\Samy\Desktop\adwcleaner.exe
[2012.11.11 01:27:09 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.10 13:35:03 | 000,000,512 | ---- | M] () -- C:\Users\Samy\Desktop\MBR.dat
[2012.11.09 18:25:45 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Samy\Desktop\tdsskiller.exe
[2012.11.09 18:19:08 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Samy\Desktop\aswMBR.exe
[2012.11.06 17:46:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Samy\Desktop\OTL.exe
[2012.11.06 17:44:42 | 000,000,000 | ---- | M] () -- C:\Users\Samy\defogger_reenable
[2012.11.06 17:32:25 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.06 17:31:07 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2860004905-1908891862-404860254-1001UA.job
[2012.11.06 17:31:07 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2860004905-1908891862-404860254-1001Core.job
[2012.11.04 21:28:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.11.04 21:24:57 | 000,001,033 | ---- | M] () -- C:\Users\Samy\Desktop\PhotoScape.lnk
[2012.11.04 21:24:40 | 018,376,624 | ---- | M] (Mooii) -- C:\Users\Samy\Desktop\PhotoScape_V3.6.2.exe
[2012.11.04 11:08:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.10.30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.10.30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.10.27 12:57:12 | 028,801,209 | ---- | M] () -- C:\Users\Samy\Documents\Dirty Dancing - Time of my Life (Final Dance) - High Quality.flv
[2012.10.27 12:30:31 | 025,928,950 | ---- | M] () -- C:\Users\Samy\Documents\Grease- You're the one that I want [HQ+lyrics].flv
[2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.10.14 18:41:04 | 000,416,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.14 15:34:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.10.14 09:45:11 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.10.13 21:24:14 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.10.13 21:24:14 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.10.13 21:13:16 | 000,001,400 | ---- | M] () -- C:\Users\Samy\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.13 21:09:44 | 038,749,336 | ---- | M] () -- C:\Users\Samy\Documents\One Day [Asaf Avidan] - Wankelmut[1].mp4
[2012.10.13 20:48:53 | 000,001,291 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.10.13 20:45:19 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.13 20:33:46 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.10.13 20:16:17 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== Files Created - No Company Name ==========
 
[2012.11.11 22:12:00 | 000,541,569 | ---- | C] () -- C:\Users\Samy\Desktop\adwcleaner.exe
[2012.11.11 01:27:09 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.10 13:35:03 | 000,000,512 | ---- | C] () -- C:\Users\Samy\Desktop\MBR.dat
[2012.11.06 17:44:42 | 000,000,000 | ---- | C] () -- C:\Users\Samy\defogger_reenable
[2012.11.06 17:32:25 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.06 17:32:24 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.06 14:14:19 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2860004905-1908891862-404860254-1001UA.job
[2012.11.06 14:14:19 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2860004905-1908891862-404860254-1001Core.job
[2012.11.04 21:28:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.11.04 21:24:57 | 000,001,033 | ---- | C] () -- C:\Users\Samy\Desktop\PhotoScape.lnk
[2012.10.27 12:54:07 | 028,801,209 | ---- | C] () -- C:\Users\Samy\Documents\Dirty Dancing - Time of my Life (Final Dance) - High Quality.flv
[2012.10.27 12:27:41 | 025,928,950 | ---- | C] () -- C:\Users\Samy\Documents\Grease- You're the one that I want [HQ+lyrics].flv
[2012.10.14 16:32:36 | 000,002,203 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.10.14 15:34:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.10.14 09:45:11 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.10.14 09:45:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.10.13 21:13:16 | 000,001,400 | ---- | C] () -- C:\Users\Samy\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.13 21:09:10 | 038,749,336 | ---- | C] () -- C:\Users\Samy\Documents\One Day [Asaf Avidan] - Wankelmut[1].mp4
[2012.10.13 20:48:53 | 000,001,291 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.10.13 20:45:19 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.10.13 20:44:47 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.10.13 20:33:46 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.10.13 20:33:46 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.06.25 09:49:47 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.06.25 09:49:46 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.06.25 09:49:45 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.06.25 09:49:43 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.06.25 09:49:42 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.06.25 09:47:34 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012.02.09 17:19:02 | 000,021,320 | ---- | C] () -- C:\Windows\SysWow64\LightFX.dll
[2011.06.27 14:07:14 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2011.02.11 11:22:50 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Extras:

Code:

ATTFilter

OTL Extras logfile created on: 12.11.2012 19:50:15 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Samy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,96 Gb Available Physical Memory | 75,07% Memory free
7,90 Gb Paging File | 6,89 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,99 Gb Total Space | 418,74 Gb Free Space | 93,68% Space Free | Partition Type: NTFS
 
Computer Name: ATENCIONE | User Name: Samy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-2860004905-1908891862-404860254-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{38E41624-BFD2-4E3A-A2AF-660CFF34755C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005EB789-B6A1-4DE4-BE2F-7D5A5216C502}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{061E980C-F977-4E9D-B2E7-CB7947D703A9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{0F628ACD-2820-4A62-9E8F-CE88CC70C809}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{12D8E5E0-8B09-4DD3-BAC7-3D51A105B438}" = dir=in | app=c:\users\samy\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{1F15AACF-2DCC-4558-9EF1-FDFD50C6E424}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{2C463E6B-B7CB-4E3E-93FB-81554C2285C9}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe | 
"{43FBE201-E4F7-469C-940A-A55E34C6E3B6}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{504F06BA-5204-4D41-9682-C3D729CC8856}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{5296031A-397C-45D4-AC36-5D44C8057739}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{6B221809-65D9-4103-8CFD-CE9DB608515D}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{6E271075-192D-4E17-A796-5C1666231723}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{776021CB-B7BF-4FFC-87B6-0676DC667E36}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{7E77D1AE-4D93-42C4-B505-166F6FEEFE65}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{87E5C973-AAC4-4814-800E-AB2B2F1FCEB2}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{9C883636-1501-45B2-8152-5B375873EA6E}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{ADD3F2A8-BC87-437D-A9E7-C3A80BA2DF42}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{C38EEB2A-09E9-45D0-A1E0-FDEE6717919E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CDCA5368-F949-4767-8901-D06C5244361E}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{D5A8DF18-DF69-45B9-A6F0-DD06ABE85FD6}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{E36777D2-7974-4898-9877-617096DF522E}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{FA88E7B2-B1B5-46BA-8167-AAEE4611E4AC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{FCB42ED9-FD1C-4383-9AB8-0FB587A28FEF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"TCP Query User{1A32DAFB-D72E-4E21-A6E4-349F094966A5}C:\users\samy\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\samy\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{FFB454FF-7FE0-45C3-9198-12EB99CDCC22}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{294437F7-222C-41B6-8BF2-9944EA853DC2}C:\users\samy\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\samy\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{75F7EB65-84E9-4849-876E-723269B021BE}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88015100-B341-471F-8188-5900D11D3F3C}" = Alienware M11x Manual
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CD4B350A-9328-4C1F-91D3-255EF2DA58FA}" = Alienware Command Center
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = AlienAutopsy
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D69462F-99CC-4F8D-942E-666E21CE59F8}" = Alienware On-Screen Display
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = AlienRespawn
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = AlienRespawn - Support Software
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"avast" = avast! Free Antivirus
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.33.1005
"InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}" = Alienware On-Screen Display
"InstallShield_{88015100-B341-471F-8188-5900D11D3F3C}" = Alienware M11x Manual
"InstallShield_{CD4B350A-9328-4C1F-91D3-255EF2DA58FA}" = Alienware Command Center
"Integrated Webcam Live! Central" = Integrated Webcam Live! Central
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Professional 2010
"PhotoScape" = PhotoScape
"TuneUp Utilities 2013" = TuneUp Utilities 2013
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2860004905-1908891862-404860254-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"Akamai" = Akamai NetSession Interface
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.11.2012 18:04:31 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.11.2012 13:00:18 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.11.2012 13:03:13 | Computer Name = atencione | Source = System Restore | ID = 8193
Description = 
 
Error - 09.11.2012 13:22:14 | Computer Name = atencione | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1707, 
Zeitstempel: 0x509be8bf  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002e3be  ID des fehlerhaften
 Prozesses: 0xdbc  Startzeit der fehlerhaften Anwendung: 0x01cdbe9e96b53715  Pfad der
 fehlerhaften Anwendung: C:\Users\Samy\Desktop\aswMBR.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 00725b27-2a92-11e2-b9e0-08edb9dbf047
 
Error - 09.11.2012 13:24:38 | Computer Name = atencione | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1707, 
Zeitstempel: 0x509be8bf  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002e3be  ID des fehlerhaften
 Prozesses: 0x9dc  Startzeit der fehlerhaften Anwendung: 0x01cdbe9eed31834d  Pfad der
 fehlerhaften Anwendung: C:\Users\Samy\Desktop\aswMBR.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 56649790-2a92-11e2-b9e0-08edb9dbf047
 
Error - 09.11.2012 15:42:54 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.11.2012 16:05:42 | Computer Name = atencione | Source = System Restore | ID = 8193
Description = 
 
Error - 09.11.2012 16:11:09 | Computer Name = atencione | Source = System Restore | ID = 8193
Description = 
 
Error - 10.11.2012 08:20:04 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.11.2012 10:54:08 | Computer Name = atencione | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 14.10.2012 10:34:15 | Computer Name = atencione | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 14.10.2012 10:34:16 | Computer Name = atencione | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 14.10.2012 10:34:17 | Computer Name = atencione | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 14.10.2012 13:40:40 | Computer Name = atencione | Source = Application Popup | ID = 877
Description = Fehler [DATABASE OPEN FAILED] beim Verarbeiten der Treiberdatenbank.
 
Error - 04.11.2012 06:16:14 | Computer Name = atencione | Source = Service Control Manager | ID = 7034
Description = Dienst "Wireless PAN DHCP Server" wurde unerwartet beendet. Dies ist
 bereits 1 Mal passiert.
 
Error - 09.11.2012 13:33:18 | Computer Name = atencione | Source = DCOM | ID = 10005
Description = 
 
Error - 09.11.2012 13:33:18 | Computer Name = atencione | Source = Service Control Manager | ID = 7038
Description = Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%50    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 09.11.2012 13:33:18 | Computer Name = atencione | Source = Service Control Manager | ID = 7000
Description = Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1069
 
Error - 09.11.2012 13:33:18 | Computer Name = atencione | Source = Service Control Manager | ID = 7038
Description = Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%50    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 09.11.2012 13:33:18 | Computer Name = atencione | Source = Service Control Manager | ID = 7000
Description = Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1069
 
 
< End of report >

08.11.2012, 19:01	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Claro Search Alles hast du offensichtlich nicht durchgelesen Zumindest hast du dich nicht zu meiner Frage ganz unten geäußert. __________________ Logfiles bitte immer in CODE-Tags posten

11.11.2012, 22:20	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Claro Search Versuch bitte alle im adwCleaner-Log erwähnten Einträge (wie zB IBUpdaterService oder Babylon) über die Systemsteuerung zu deinstallieren, danach ein neues Suchlog mit dem adwCleaner machen. Reste und was sich nicht deinstallieren lassen will machen wir mit dem adwCleaner weg. __________________ Logfiles bitte immer in CODE-Tags posten

Claro Search

Plagegeister aller Art und deren Bekämpfung: Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Claro Search

Ähnliche Themen: Claro Search

08.11.2012, 17:17	#3
Blaek	Claro Search Hallo Cosinus, Habe alles durchgelesen und gemacht Mfg, Blaek __________________

12.11.2012, 18:44	#13
Blaek	Claro Search Finde keines der aufgeführten Programm (Babylon, IB, PcPerformer) in der Systemsteuerung unter Programme und Funktionen