Pests of all kinds and how to fight them: PC Performer cannot be removed (Windows 7) |
12.11.2012, 20:52 | #1 |
| PC Performer cannot be removed Hey everyone, yesterday I wanted to download a program that converts a music file into another format (CD to .mp3). After the download (SOFTONIC!!), PC Performer suddenly opened and ran a scan. I closed the program immediately and tried to remove it via Control Panel -> Programs and Features. However, I get the message "Messages file "C:\Program Files (x86)\PC Performer\unins000.msg" is missing. Please correct the problem or obtain a new copy of the program." I also wanted to remove Browser Defender 3.0 the same way, but the same message came up (unins. missing..). I then ran a quick scan with Malwarebytes and it found a few infections. After the restart, PC Performer opens again. I did not find anything from it in the autostart entries, though. I downloaded the program through which I got the virus(?) once more, but still got the same message. I then ran a full scan, but it found nothing. The PC feels slower. I have no idea whether it is a virus, but this automatic opening on restart is annoying. I hope you can help me. Many thanks. Regards |
12.11.2012, 23:31 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer cannot be removed Hello and
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please post in this thread => Reminder about my thread. Annoying "when will this continue" messages end with your topic being closed. I, too, have a life outside the Trojaner-Board. Quote:
__________________ |
13.11.2012, 13:14 | #3 |
| PC Performer cannot be removed The first time:
Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.11.11.03
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328
BozKurT :: BOZKURT-PC [Administrator]
11.11.2012 13:51:34
mbam-log-2012-11-11 (13-51-34).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 208936
Laufzeit: 6 Minute(n), 49 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Keine Aktion durchgeführt.
Infizierte Dateien: 1
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Keine Aktion durchgeführt.
(Ende)
The second time:
Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.11.12.02
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328
BozKurT :: BOZKURT-PC [Administrator]
12.11.2012 13:23:53
mbam-log-2012-11-12 (13-23-53).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 207829
Laufzeit: 5 Minute(n), 35 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 9
HKCR\CLSID\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{44444444-4444-4444-4444-440044504460} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{55555555-5555-5555-5555-550055505560} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CrossriderApp0005060.BHO.1 (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 1
HKCU\Software\InstalledBrowserExtensions\215 Apps|5060 (PUP.CrossFire.SA) -> Daten: Savings Sidekick -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 1
C:\Program Files (x86)\Savings Sidekick (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 10
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\BozKurT\Desktop\PCPerformer_Softonic_Setup.exe (PUP.BundleInstaller.IB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings SidekickInstaller.log (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\ButtonUtil.dll (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick-bg.exe (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.exe (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.ico (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.ini (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Uninstall.exe (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\BozKurT\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende) |
13.11.2012, 16:17 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer cannot be removed Code:
C:\Users\BozKurT\Desktop\PCPerformer_Softonic_Setup.exe
Hands off Softonic!! Softonic is a toolbar and adware slinger! Hands off! Software should be downloaded, as the top priority, directly from the vendor or from Filepony, but not from toolbar outfits like Softonic!
1. aswMBR
Download aswMBR.exe and save the file to your desktop. Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false positive in it!
One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
2. TDSS-Killer
Download TDSS-Killer to the desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool! Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, look directly on your Windows system partition (usually drive C:), where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
__________________ Please always post log files in CODE tags |
14.11.2012, 15:03 | #5 |
| PC Performer cannot be removed 1. aswMBR
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-14 13:59:18
-----------------------------
13:59:18.701 OS Version: Windows x64 6.0.6002 Service Pack 2
13:59:18.701 Number of processors: 4 586 0x1707
13:59:18.716 ComputerName: BOZKURT-PC UserName: BozKurT
13:59:23.117 Initialize success
14:02:14.081 AVAST engine defs: 12111400
14:02:28.745 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
14:02:28.745 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
14:02:28.761 Disk 0 MBR read successfully
14:02:28.761 Disk 0 MBR scan
14:02:28.761 Disk 0 unknown MBR code
14:02:28.776 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18432 MB offset 2048
14:02:28.807 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 467357 MB offset 37750784
14:02:28.854 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 468077 MB offset 994897953
14:02:28.917 Disk 0 scanning C:\Windows\system32\drivers
14:02:52.551 Service scanning
14:03:34.109 Modules scanning
14:03:34.109 Disk 0 trace - called modules:
14:03:34.125 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys acpi.sys storport.sys hal.dll nvstor64.sys
14:03:34.125 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ded060]
14:03:34.125 3 CLASSPNP.SYS[fffffa6001208c33] -> nt!IofCallDriver -> [0xfffffa8004d5e040]
14:03:34.140 5 PCTCore64.sys[fffffa6000ae9894] -> nt!IofCallDriver -> [0xfffffa8004cb3c20]
14:03:34.140 7 acpi.sys[fffffa6000947fde] -> nt!IofCallDriver -> \Device\0000005d[0xfffffa8004c0c2f0]
14:03:36.090 AVAST engine scan C:\Windows
14:04:27.055 AVAST engine scan C:\Windows\system32
14:11:02.004 AVAST engine scan C:\Windows\system32\drivers
14:11:24.842 AVAST engine scan C:\Users\BozKurT
14:51:14.871 AVAST engine scan C:\ProgramData
14:54:39.397 Scan finished successfully
14:58:06.066 Disk 0 MBR has been saved successfully to "C:\Users\BozKurT\Desktop\MBR.dat"
14:58:06.144 The log file has been saved successfully to "C:\Users\BozKurT\Desktop\aswMBR.txt"
Code:
15:01:26.0565 5608 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:01:27.0359 5608 ============================================================
15:01:27.0359 5608 Current date / time: 2012/11/14 15:01:27.0359
15:01:27.0359 5608 SystemInfo:
15:01:27.0359 5608
15:01:27.0359 5608 OS Version: 6.0.6002 ServicePack: 2.0
15:01:27.0359 5608 Product type: Workstation
15:01:27.0359 5608 ComputerName: BOZKURT-PC
15:01:27.0360 5608 UserName: BozKurT
15:01:27.0360 5608 Windows directory: C:\Windows
15:01:27.0360 5608 System windows directory: C:\Windows
15:01:27.0360 5608 Running under WOW64
15:01:27.0360 5608 Processor architecture: Intel x64
15:01:27.0360 5608 Number of processors: 4
15:01:27.0360 5608 Page size: 0x1000
15:01:27.0360 5608 Boot type: Normal boot
15:01:27.0360 5608 ============================================================
15:01:28.0700 5608 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:01:28.0820 5608 ============================================================
15:01:28.0820 5608 \Device\Harddisk0\DR0:
15:01:28.0820 5608 MBR partitions:
15:01:28.0820 5608 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x390CE800
15:01:28.0820 5608 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3B4CF021, BlocksNum 0x392369A0
15:01:28.0820 5608 ============================================================
15:01:28.0870 5608 C: <-> \Device\Harddisk0\DR0\Partition1
15:01:28.0950 5608 D: <-> \Device\Harddisk0\DR0\Partition2
15:01:28.0950 5608 ============================================================
15:01:28.0950 5608 Initialize success
15:01:28.0950 5608 ============================================================
15:02:21.0442 5096 ============================================================
15:02:21.0442 5096 Scan started
15:02:21.0442 5096 Mode: Manual; SigCheck; TDLFS;
5096 megasas - ok 15:02:40.0420 5096 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys 15:02:40.0467 5096 MegaSR - ok 15:02:40.0498 5096 [ E9266B1BE3B2110277E5F1071F05F3D9 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 15:02:40.0530 5096 mfeavfk - ok 15:02:40.0545 5096 [ 4216409C03FACEB8331708884B7C8ABB ] mfehidk C:\Windows\system32\drivers\mfehidk.sys 15:02:40.0608 5096 mfehidk - ok 15:02:40.0623 5096 [ 87A4B421520BCDC3EB9C2E39292DD81D ] mferkdk C:\Windows\system32\drivers\mferkdk.sys 15:02:40.0639 5096 mferkdk - ok 15:02:40.0654 5096 [ 03A7B08BEB5D607F801AB455F87A6508 ] mfesmfk C:\Windows\system32\drivers\mfesmfk.sys 15:02:40.0670 5096 mfesmfk - ok 15:02:40.0764 5096 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 15:02:40.0795 5096 Microsoft Office Groove Audit Service - ok 15:02:40.0810 5096 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll 15:02:40.0888 5096 MMCSS - ok 15:02:40.0920 5096 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys 15:02:40.0966 5096 Modem - ok 15:02:40.0998 5096 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:02:41.0060 5096 monitor - ok 15:02:41.0076 5096 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:02:41.0107 5096 mouclass - ok 15:02:41.0138 5096 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:02:41.0200 5096 mouhid - ok 15:02:41.0216 5096 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 15:02:41.0247 5096 MountMgr - ok 15:02:41.0341 5096 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:02:41.0388 5096 MozillaMaintenance - ok 15:02:41.0434 5096 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter 
C:\Windows\system32\DRIVERS\MpFilter.sys 15:02:41.0481 5096 MpFilter - ok 15:02:41.0512 5096 [ E843A4295A3381347B4CD17C5DE4090A ] MPFP C:\Windows\system32\Drivers\Mpfp.sys 15:02:41.0544 5096 MPFP - ok 15:02:41.0590 5096 [ DE51C0969EE26777D2D10C5CF70538FA ] MpfService C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe 15:02:41.0637 5096 MpfService - ok 15:02:41.0668 5096 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys 15:02:41.0700 5096 mpio - ok 15:02:41.0715 5096 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:02:41.0778 5096 mpsdrv - ok 15:02:41.0824 5096 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll 15:02:41.0934 5096 MpsSvc - ok 15:02:41.0949 5096 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 15:02:41.0965 5096 Mraid35x - ok 15:02:42.0012 5096 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:02:42.0058 5096 MRxDAV - ok 15:02:42.0090 5096 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:02:42.0136 5096 mrxsmb - ok 15:02:42.0152 5096 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:02:42.0199 5096 mrxsmb10 - ok 15:02:42.0214 5096 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:02:42.0246 5096 mrxsmb20 - ok 15:02:42.0277 5096 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys 15:02:42.0308 5096 msahci - ok 15:02:42.0324 5096 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:02:42.0355 5096 msdsm - ok 15:02:42.0370 5096 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe 15:02:42.0448 5096 MSDTC - ok 15:02:42.0480 5096 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:02:42.0542 5096 Msfs - ok 15:02:42.0589 5096 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv 
C:\Windows\system32\drivers\msisadrv.sys 15:02:42.0604 5096 msisadrv - ok 15:02:42.0651 5096 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:02:42.0714 5096 MSiSCSI - ok 15:02:42.0714 5096 msiserver - ok 15:02:42.0776 5096 [ 9A55CFA5F970BB407C7F639D19578A89 ] MSK80Service C:\Program Files (x86)\McAfee\MSK\MskSrver.exe 15:02:42.0807 5096 MSK80Service - ok 15:02:42.0838 5096 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:02:42.0916 5096 MSKSSRV - ok 15:02:42.0994 5096 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 15:02:43.0041 5096 MsMpSvc - ok 15:02:43.0041 5096 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:02:43.0119 5096 MSPCLOCK - ok 15:02:43.0135 5096 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:02:43.0228 5096 MSPQM - ok 15:02:43.0244 5096 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:02:43.0291 5096 MsRPC - ok 15:02:43.0306 5096 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 15:02:43.0353 5096 mssmbios - ok 15:02:43.0384 5096 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:02:43.0462 5096 MSTEE - ok 15:02:43.0478 5096 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys 15:02:43.0509 5096 Mup - ok 15:02:43.0556 5096 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll 15:02:43.0634 5096 napagent - ok 15:02:43.0696 5096 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:02:43.0728 5096 NativeWifiP - ok 15:02:43.0790 5096 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:02:43.0852 5096 NDIS - ok 15:02:43.0884 5096 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:02:43.0962 5096 
NdisTapi - ok 15:02:43.0977 5096 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:02:44.0055 5096 Ndisuio - ok 15:02:44.0071 5096 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:02:44.0133 5096 NdisWan - ok 15:02:44.0164 5096 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:02:44.0211 5096 NDProxy - ok 15:02:44.0227 5096 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 15:02:44.0242 5096 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 15:02:44.0242 5096 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 15:02:44.0258 5096 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:02:44.0336 5096 NetBIOS - ok 15:02:44.0367 5096 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 15:02:44.0445 5096 netbt - ok 15:02:44.0461 5096 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe 15:02:44.0492 5096 Netlogon - ok 15:02:44.0508 5096 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll 15:02:44.0617 5096 Netman - ok 15:02:44.0632 5096 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll 15:02:44.0726 5096 netprofm - ok 15:02:44.0757 5096 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:02:44.0804 5096 NetTcpPortSharing - ok 15:02:44.0820 5096 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 15:02:44.0866 5096 nfrd960 - ok 15:02:44.0898 5096 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 15:02:44.0944 5096 NisDrv - ok 15:02:44.0976 5096 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 15:02:45.0038 5096 NisSrv - ok 15:02:45.0069 5096 [ 
F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll 15:02:45.0147 5096 NlaSvc - ok 15:02:45.0194 5096 [ C9773EF9CBF2877725A45F07396D5DA6 ] nmwcdx64 C:\Windows\system32\drivers\ccdcmbx64.sys 15:02:45.0225 5096 nmwcdx64 - ok 15:02:45.0272 5096 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:02:45.0334 5096 Npfs - ok 15:02:45.0350 5096 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll 15:02:45.0428 5096 nsi - ok 15:02:45.0444 5096 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:02:45.0506 5096 nsiproxy - ok 15:02:45.0568 5096 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:02:45.0662 5096 Ntfs - ok 15:02:45.0709 5096 [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe 15:02:45.0756 5096 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - warning 15:02:45.0756 5096 NTIBackupSvc - detected UnsignedFile.Multi.Generic (1) 15:02:45.0787 5096 [ 7D397449AAF52B0E7C79B64F6AD4473E ] NTIDrvr C:\Windows\system32\Drivers\NTIDrvr.sys 15:02:45.0818 5096 NTIDrvr - ok 15:02:45.0834 5096 [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe 15:02:45.0865 5096 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning 15:02:45.0865 5096 NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1) 15:02:45.0880 5096 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys 15:02:45.0958 5096 Null - ok 15:02:46.0005 5096 [ 98350606682594521D56ECCB5D01ECF7 ] NVENETFD C:\Windows\system32\DRIVERS\nvmfdx64.sys 15:02:46.0177 5096 NVENETFD - ok 15:02:46.0208 5096 [ 6E022D5F44CD8B029CF799807BB31269 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 15:02:46.0224 5096 NVHDA - ok 15:02:46.0489 5096 [ E55CAB397F77D5208DB18A78B1B7C0D5 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 
15:02:47.0128 5096 nvlddmkm - ok 15:02:47.0144 5096 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:02:47.0191 5096 nvraid - ok 15:02:47.0222 5096 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:02:47.0253 5096 nvstor - ok 15:02:47.0269 5096 [ 581286807B5832503FD700A3217B589F ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys 15:02:47.0284 5096 nvstor64 - ok 15:02:47.0331 5096 [ 43BC8151893AE6AFE42E149D663C2221 ] nvsvc C:\Windows\system32\nvvsvc.exe 15:02:47.0347 5096 nvsvc - ok 15:02:47.0378 5096 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:02:47.0425 5096 nv_agp - ok 15:02:47.0425 5096 NwlnkFlt - ok 15:02:47.0425 5096 NwlnkFwd - ok 15:02:47.0503 5096 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 15:02:47.0565 5096 odserv - ok 15:02:47.0612 5096 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 15:02:47.0674 5096 ohci1394 - ok 15:02:47.0690 5096 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:02:47.0737 5096 ose - ok 15:02:47.0799 5096 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll 15:02:47.0908 5096 p2pimsvc - ok 15:02:47.0924 5096 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll 15:02:47.0971 5096 p2psvc - ok 15:02:47.0986 5096 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys 15:02:48.0064 5096 Parport - ok 15:02:48.0096 5096 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:02:48.0127 5096 partmgr - ok 15:02:48.0267 5096 [ A3333663E400B6327E0A0B98CAD20A24 ] PC Performer Manager C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe 15:02:48.0408 5096 PC Performer Manager - ok 15:02:48.0423 5096 [ 
9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll 15:02:48.0454 5096 PcaSvc - ok 15:02:48.0501 5096 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys 15:02:48.0517 5096 pci - ok 15:02:48.0564 5096 [ 2657F6C0B78C36D95034BE109336E382 ] pciide C:\Windows\system32\drivers\pciide.sys 15:02:48.0579 5096 pciide - ok 15:02:48.0610 5096 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 15:02:48.0642 5096 pcmcia - ok 15:02:48.0688 5096 [ BF907EC8C6783E861246C8060E788334 ] PCTCore C:\Windows\system32\drivers\PCTCore64.sys 15:02:48.0720 5096 PCTCore - ok 15:02:48.0766 5096 [ FF43E3B1687E4E2140DE6349EA5C7372 ] pctDS C:\Windows\system32\drivers\pctDS64.sys 15:02:48.0798 5096 pctDS - ok 15:02:48.0813 5096 [ 60E9A05852AF7E9CB11237C00AEE4CCF ] pctEFA C:\Windows\system32\drivers\pctEFA64.sys 15:02:48.0891 5096 pctEFA - ok 15:02:48.0922 5096 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:02:49.0047 5096 PEAUTH - ok 15:02:49.0110 5096 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:02:49.0203 5096 PerfHost - ok 15:02:49.0266 5096 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll 15:02:49.0422 5096 pla - ok 15:02:49.0453 5096 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:02:49.0515 5096 PlugPlay - ok 15:02:49.0546 5096 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 15:02:49.0578 5096 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 15:02:49.0578 5096 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 15:02:49.0609 5096 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 15:02:49.0671 5096 PNRPAutoReg - ok 15:02:49.0702 5096 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll 15:02:49.0749 5096 PNRPsvc - ok 15:02:49.0796 5096 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] 
PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:02:49.0874 5096 PolicyAgent - ok 15:02:49.0905 5096 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:02:49.0968 5096 PptpMiniport - ok 15:02:49.0983 5096 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys 15:02:50.0046 5096 Processor - ok 15:02:50.0077 5096 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll 15:02:50.0124 5096 ProfSvc - ok 15:02:50.0124 5096 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe 15:02:50.0155 5096 ProtectedStorage - ok 15:02:50.0202 5096 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 15:02:50.0264 5096 PSched - ok 15:02:50.0280 5096 [ 2CFD31D41CDE75328ACAEEE2D4F4B836 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys 15:02:50.0311 5096 PSDFilter - ok 15:02:50.0326 5096 [ 51A585F999672D8BB07F22AE12B40846 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys 15:02:50.0373 5096 PSDNServ - ok 15:02:50.0389 5096 [ DB50D3F5C31B1A848B04F7F2A6FF2709 ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys 15:02:50.0404 5096 psdvdisk - ok 15:02:50.0451 5096 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys 15:02:50.0623 5096 ql2300 - ok 15:02:50.0670 5096 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 15:02:50.0701 5096 ql40xx - ok 15:02:50.0716 5096 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll 15:02:50.0763 5096 QWAVE - ok 15:02:50.0794 5096 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:02:50.0826 5096 QWAVEdrv - ok 15:02:50.0857 5096 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:02:50.0919 5096 RasAcd - ok 15:02:50.0935 5096 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll 15:02:50.0982 5096 RasAuto - ok 15:02:51.0013 5096 
[ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:02:51.0060 5096 Rasl2tp - ok 15:02:51.0091 5096 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll 15:02:51.0122 5096 RasMan - ok 15:02:51.0169 5096 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:02:51.0231 5096 RasPppoe - ok 15:02:51.0262 5096 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:02:51.0309 5096 RasSstp - ok 15:02:51.0340 5096 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:02:51.0387 5096 rdbss - ok 15:02:51.0403 5096 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:02:51.0465 5096 RDPCDD - ok 15:02:51.0481 5096 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 15:02:51.0574 5096 rdpdr - ok 15:02:51.0574 5096 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:02:51.0637 5096 RDPENCDD - ok 15:02:51.0684 5096 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:02:51.0746 5096 RDPWD - ok 15:02:51.0762 5096 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:02:51.0824 5096 RemoteAccess - ok 15:02:51.0855 5096 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:02:51.0918 5096 RemoteRegistry - ok 15:02:51.0949 5096 [ A035A7BF5132682F53F1E7B955690CE7 ] RichVideo C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe 15:02:52.0027 5096 RichVideo ( UnsignedFile.Multi.Generic ) - warning 15:02:52.0027 5096 RichVideo - detected UnsignedFile.Multi.Generic (1) 15:02:52.0042 5096 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe 15:02:52.0120 5096 RpcLocator - ok 15:02:52.0167 5096 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll 15:02:52.0214 5096 RpcSs - ok 15:02:52.0261 5096 
[ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:02:52.0323 5096 rspndr - ok 15:02:52.0323 5096 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe 15:02:52.0354 5096 SamSs - ok 15:02:52.0386 5096 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:02:52.0401 5096 sbp2port - ok 15:02:52.0448 5096 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:02:52.0495 5096 SCardSvr - ok 15:02:52.0542 5096 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll 15:02:52.0651 5096 Schedule - ok 15:02:52.0666 5096 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll 15:02:52.0729 5096 SCPolicySvc - ok 15:02:52.0744 5096 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:02:52.0822 5096 SDRSVC - ok 15:02:52.0838 5096 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:02:52.0916 5096 secdrv - ok 15:02:52.0932 5096 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll 15:02:52.0994 5096 seclogon - ok 15:02:53.0025 5096 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll 15:02:53.0103 5096 SENS - ok 15:02:53.0134 5096 [ 2449316316411D65BD2C761A6FFB2CE2 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:02:53.0212 5096 Serenum - ok 15:02:53.0228 5096 [ 4B438170BE2FC8E0BD35EE87A960F84F ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:02:53.0306 5096 Serial - ok 15:02:53.0337 5096 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys 15:02:53.0400 5096 sermouse - ok 15:02:53.0431 5096 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll 15:02:53.0493 5096 SessionEnv - ok 15:02:53.0509 5096 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:02:53.0571 5096 sffdisk - ok 15:02:53.0602 5096 [ 
7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:02:53.0665 5096 sffp_mmc - ok 15:02:53.0680 5096 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:02:53.0743 5096 sffp_sd - ok 15:02:53.0758 5096 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 15:02:53.0836 5096 sfloppy - ok 15:02:53.0852 5096 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:02:53.0946 5096 SharedAccess - ok 15:02:53.0977 5096 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:02:54.0039 5096 ShellHWDetection - ok 15:02:54.0055 5096 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 15:02:54.0086 5096 SiSRaid2 - ok 15:02:54.0102 5096 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 15:02:54.0148 5096 SiSRaid4 - ok 15:02:54.0226 5096 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe 15:02:54.0398 5096 slsvc - ok 15:02:54.0429 5096 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll 15:02:54.0492 5096 SLUINotify - ok 15:02:54.0523 5096 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:02:54.0585 5096 Smb - ok 15:02:54.0601 5096 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:02:54.0663 5096 SNMPTRAP - ok 15:02:54.0694 5096 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys 15:02:54.0741 5096 spldr - ok 15:02:54.0772 5096 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe 15:02:54.0835 5096 Spooler - ok 15:02:54.0882 5096 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys 15:02:54.0975 5096 srv - ok 15:02:55.0006 5096 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:02:55.0069 5096 srv2 - ok 15:02:55.0116 5096 [ 
4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:02:55.0162 5096 srvnet - ok 15:02:55.0194 5096 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:02:55.0287 5096 SSDPSRV - ok 15:02:55.0303 5096 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:02:55.0365 5096 SstpSvc - ok 15:02:55.0381 5096 Steam Client Service - ok 15:02:55.0428 5096 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll 15:02:55.0506 5096 stisvc - ok 15:02:55.0537 5096 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 15:02:55.0584 5096 swenum - ok 15:02:55.0615 5096 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll 15:02:55.0724 5096 swprv - ok 15:02:55.0740 5096 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 15:02:55.0771 5096 Symc8xx - ok 15:02:55.0786 5096 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 15:02:55.0833 5096 Sym_hi - ok 15:02:55.0849 5096 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 15:02:55.0896 5096 Sym_u3 - ok 15:02:55.0942 5096 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll 15:02:56.0052 5096 SysMain - ok 15:02:56.0083 5096 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:02:56.0130 5096 TabletInputService - ok 15:02:56.0176 5096 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll 15:02:56.0254 5096 TapiSrv - ok 15:02:56.0270 5096 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 15:02:56.0348 5096 TBS - ok 15:02:56.0395 5096 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:02:56.0520 5096 Tcpip - ok 15:02:56.0566 5096 [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 15:02:56.0644 5096 Tcpip6 - ok 15:02:56.0660 
5096 [ FD8FDE859E38E40A20085EBB0C22B416 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:02:56.0738 5096 tcpipreg - ok 15:02:56.0785 5096 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:02:56.0847 5096 TDPIPE - ok 15:02:56.0863 5096 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:02:56.0925 5096 TDTCP - ok 15:02:56.0956 5096 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:02:57.0019 5096 tdx - ok 15:02:57.0034 5096 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 15:02:57.0066 5096 TermDD - ok 15:02:57.0112 5096 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll 15:02:57.0206 5096 TermService - ok 15:02:57.0237 5096 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll 15:02:57.0268 5096 Themes - ok 15:02:57.0284 5096 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll 15:02:57.0331 5096 THREADORDER - ok 15:02:57.0362 5096 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll 15:02:57.0424 5096 TrkWks - ok 15:02:57.0471 5096 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:02:57.0534 5096 TrustedInstaller - ok 15:02:57.0565 5096 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:02:57.0627 5096 tssecsrv - ok 15:02:57.0643 5096 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 15:02:57.0674 5096 tunmp - ok 15:02:57.0736 5096 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:02:57.0783 5096 tunnel - ok 15:02:57.0799 5096 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 15:02:57.0846 5096 uagp35 - ok 15:02:57.0877 5096 [ 00C8CE31657624A125FDB90EFD554371 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 15:02:57.0892 5096 UBHelper - ok 
15:03:06.0410 5096 ============================================================
15:03:06.0410 5096 Scan finished
15:03:06.0410 5096 ============================================================
15:03:06.0426 3248 Detected object count: 14
15:03:06.0426 3248 Actual detected object count: 14
15:03:42.0181 3248 Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0181 3248 Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0181 3248 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0181 3248 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0181 3248 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0181 3248 BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0196 3248 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0196 3248 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0196 3248 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0196 3248 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0196 3248 ITEIO.SYS ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248 ITEIO.SYS ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0212 3248 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0212 3248 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0212 3248 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248 NTIBackupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0212 3248 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248 NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0212 3248 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:03:42.0212 3248 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip |
14.11.2012, 16:42 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer cannot be deleted
Please run a CustomScan with OTL.
Please download OTL by OldTimer and save it to your desktop. If it is already there, replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ --> PC Performer cannot be deleted |
15.11.2012, 10:28 | #7 |
| PC Performer cannot be deleted
Code:
ATTFilter OTL logfile created on: 15.11.2012 10:08:54 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BozKurT\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19328) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 48,18% Memory free 8,19 Gb Paging File | 5,59 Gb Available in Paging File | 68,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 456,40 Gb Total Space | 315,46 Gb Free Space | 69,12% Space Free | Partition Type: NTFS Drive D: | 457,11 Gb Total Space | 289,02 Gb Free Space | 63,23% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: BOZKURT-PC | User Name: BozKurT | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.11.15 10:07:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BozKurT\Downloads\OTL(1).exe PRC - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe PRC - [2012.10.28 14:26:30 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe PRC - [2012.10.28 14:26:16 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugin-container.exe PRC - [2012.10.09 22:01:14 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) 
-- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe PRC - [2012.09.29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.08.14 12:58:58 | 000,646,800 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saui.exe PRC - [2011.04.12 09:44:38 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe PRC - [2011.04.12 09:44:36 | 000,337,872 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe PRC - [2011.02.23 21:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe PRC - [2009.03.23 23:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe PRC - [2009.03.19 10:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe PRC - [2009.01.09 11:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe PRC - [2009.01.09 09:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe PRC - [2009.01.09 08:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe PRC - [2009.01.08 20:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe PRC - [2009.01.08 20:30:26 | 000,645,328 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe PRC - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe PRC - [2008.07.29 17:52:56 | 000,454,704 | ---- | M] (Egis inc.) 
-- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe PRC - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe PRC - [2008.01.21 03:50:17 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe ========== Modules (No Company Name) ========== MOD - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe MOD - [2012.11.02 19:59:20 | 002,139,168 | ---- | M] () -- c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll MOD - [2012.10.28 14:26:16 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\mozjs.dll MOD - [2012.10.09 22:01:13 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2008.04.28 09:49:20 | 000,003,072 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ========== Services (SafeList) ========== SRV:64bit: - [2007.01.16 23:35:02 | 000,566,768 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlcdcoms.exe -- (dlcd_device) SRV - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () [Auto | Running] -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe -- (PC Performer Manager) SRV - [2012.10.28 14:26:30 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.09 22:01:14 | 000,250,808 | ---- | 
M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012.06.15 11:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2012.02.04 23:16:19 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.04.12 09:44:36 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.04.01 13:21:30 | 000,696,848 | ---- | M] (McAfee, Inc.) 
[On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.25 09:59:30 | 000,153,920 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield) SRV - [2009.03.23 23:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe -- (McSysmon) SRV - [2009.03.19 10:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService) SRV - [2009.01.09 11:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe -- (McNASvc) SRV - [2009.01.09 09:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe -- (MSK80Service) SRV - [2009.01.09 08:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe -- (McProxy) SRV - [2009.01.08 20:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) 
[Auto | Running] -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc) SRV - [2008.08.19 14:27:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService) SRV - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service) SRV - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.09.29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.02.29 14:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.10 09:07:24 | 000,282,440 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore) DRV:64bit: - [2010.07.16 13:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA) DRV:64bit: - [2010.06.29 09:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS) DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:64bit: - [2009.04.11 06:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser.sys -- (usbser) DRV:64bit: - [2009.03.25 10:06:22 | 000,307,400 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:64bit: - [2009.03.25 10:06:22 | 000,102,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:64bit: - [2009.03.25 10:06:22 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk) DRV:64bit: - [2009.03.25 09:59:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk) DRV:64bit: - [2008.10.23 13:08:54 | 000,176,144 | ---- | M] (McAfee, Inc.) 
[Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP) DRV:64bit: - [2008.08.05 05:29:26 | 000,056,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2008.07.29 17:53:50 | 000,060,976 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys -- (psdvdisk) DRV:64bit: - [2008.07.29 17:53:50 | 000,021,040 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys -- (PSDNServ) DRV:64bit: - [2008.07.29 17:53:48 | 000,022,064 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\psdfilter.sys -- (PSDFilter) DRV:64bit: - [2008.06.27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:64bit: - [2008.05.02 09:58:50 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2008.05.02 09:58:48 | 000,018,432 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64) DRV:64bit: - [2008.02.25 15:29:24 | 000,013,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ITEIO.sys -- (ITEIO.SYS) DRV:64bit: - [2008.01.31 01:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2008.01.31 01:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2007.04.23 14:44:12 | 001,533,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\camdrv42.sys -- (camdrv42) DRV - [2008.08.19 14:23:00 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700 IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = 
hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90 IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700 IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90 IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) 
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=4512_8&babsrc=SP_clro&mntrId=860a142b0000000000000021974c2d90 IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=85396978-02C6-4A68-872D-01726847A8DD&apn_sauid=67FAE059-6309-46A6-9C51-F1E2ACB5FAB1 IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - 
prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0 FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5 FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1 FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.311 FF - prefs.js..network.proxy.http: "localhost" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.socks: "localhost" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "localhost" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009.10.31 18:07:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011.04.17 13:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.08.23 17:53:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2012.10.28 14:26:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2012.11.09 21:57:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009.10.31 18:07:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension [2012.11.11 13:26:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2012.10.28 14:26:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2012.11.09 21:57:55 | 000,000,000 | ---D | M]

[2009.11.16 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Extensions
[2009.11.16 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012.11.12 13:12:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions
[2009.08.28 19:07:11 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2012.11.12 13:09:18 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\crossriderapp5060@crossrider.com
[2012.11.12 13:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode
[2011.07.29 12:42:16 | 000,002,396 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\mozilla\firefox\profiles\bah1vfjy.default\searchplugins\askcom.xml
[2010.12.25 22:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.15 15:08:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.25 10:59:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.11 21:57:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.23 22:43:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2012.08.23 17:53:45 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F21192C-801A-4D88-85E3-3960D83C1647}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\pcperf~1\24897~1.175\{61d8b~1\pcpmngr.dll) - c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~2\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - i420vfw.dll File not found
Drivers32: vidc.yv12 - yv12vfw.dll File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.11.13 13:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Barons
[2012.11.13 13:49:12 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012.11.12 20:35:18 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Local\{75D5AD27-FC92-4063-A18F-FE1A2BD7E256}
[2012.11.12 13:09:18 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Local\Savings Sidekick
[2012.11.11 13:26:32 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\PerformerSoft
[2012.11.11 13:26:31 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012.11.11 13:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2012.11.11 13:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer
[2012.11.11 13:26:23 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\Babylon
[2012.11.11 13:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.11 13:26:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Performer Manager
[2012.11.11 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\EAC
[2012.11.11 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\AccurateRip
[2012.11.11 13:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
[2012.11.11 13:03:00 | 000,000,000 | ---D | C] -- C:\TOEFL
[2012.11.11 12:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
[2012.11.11 12:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDex
[2012.11.09 21:58:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.10.28 14:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8
[2012.10.27 00:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.27 00:14:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.27 00:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

========== Files - Modified Within 30 Days ==========

[2012.11.15 10:17:55 | 001,486,574 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.15 10:17:55 | 000,643,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.15 10:17:55 | 000,608,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.15 10:17:55 | 000,134,094 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.15 10:17:55 | 000,109,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.15 10:01:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.15 10:00:06 | 000,101,323 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2012.11.15 09:59:36 | 000,070,161 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.11.15 09:59:36 | 000,070,161 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.11.15 09:59:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012.11.15 09:59:19 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.15 09:59:17 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 09:59:16 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 09:59:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.14 22:27:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.14 22:23:45 | 000,002,655 | ---- | M] () -- C:\Users\BozKurT\Desktop\Microsoft Office Word 2007.lnk
[2012.11.14 19:29:08 | 000,321,378 | ---- | M] () -- C:\Windows\SULO.xml
[2012.11.14 17:04:11 | 000,000,075 | ---- | M] () -- C:\Windows\userList.xml
[2012.11.14 15:02:17 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2012.11.14 14:58:06 | 000,000,512 | ---- | M] () -- C:\Users\BozKurT\Desktop\MBR.dat
[2012.11.14 13:26:09 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2012.11.14 13:08:16 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{02699C6C-8FF1-48F0-B164-29AFEDC7D129}.job
[2012.11.13 17:04:12 | 000,321,548 | ---- | M] () -- C:\Windows\Suleyman.xml
[2012.11.13 13:52:33 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\Toefl.lnk
[2012.11.13 13:49:12 | 147,368,448 | ---- | M] () -- C:\Toefl.msi
[2012.10.28 20:24:46 | 002,594,369 | ---- | M] () -- C:\Users\BozKurT\Desktop\CIMG2548.JPG
[2012.10.28 20:24:40 | 002,682,765 | ---- | M] () -- C:\Users\BozKurT\Desktop\CIMG2549.JPG

========== Files Created - No Company Name ==========

[2012.11.14 19:29:08 | 000,321,378 | ---- | C] () -- C:\Windows\SULO.xml
[2012.11.14 14:58:06 | 000,000,512 | ---- | C] () -- C:\Users\BozKurT\Desktop\MBR.dat
[2012.11.13 17:04:12 | 000,321,548 | ---- | C] () -- C:\Windows\Suleyman.xml
[2012.11.13 13:55:26 | 000,000,075 | ---- | C] () -- C:\Windows\userList.xml
[2012.11.13 13:52:33 | 000,001,875 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toefl.lnk
[2012.11.13 13:52:33 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\Toefl.lnk
[2012.11.13 13:50:00 | 147,368,448 | ---- | C] () -- C:\Toefl.msi
[2012.11.11 13:26:38 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2012.11.11 13:26:38 | 000,000,280 | ---- | C] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2012.10.28 20:24:12 | 002,682,765 | ---- | C] () -- C:\Users\BozKurT\Desktop\CIMG2549.JPG
[2012.10.28 20:24:12 | 002,594,369 | ---- | C] () -- C:\Users\BozKurT\Desktop\CIMG2548.JPG
[2012.07.21 19:00:39 | 004,503,728 |
---- | C] () -- C:\ProgramData\0tbpw.pad [2012.02.05 14:49:49 | 000,001,235 | ---- | C] () -- C:\Users\BozKurT\Free YouTube to MP3 Converter.lnk [2011.10.04 17:40:21 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini [2011.08.10 15:19:08 | 000,107,520 | -HS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2011.07.03 09:15:17 | 000,000,732 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\d3d9caps64.dat [2011.04.17 13:06:42 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll [2011.04.17 09:27:54 | 000,013,126 | -HS- | C] () -- C:\Users\BozKurT\AppData\Local\5d1e4t7jkc1e052e11b1pvh [2011.04.17 09:27:54 | 000,013,126 | -HS- | C] () -- C:\ProgramData\5d1e4t7jkc1e052e11b1pvh [2011.02.10 15:31:33 | 001,516,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.12 20:56:49 | 000,001,356 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\d3d9caps.dat [2010.10.23 20:48:16 | 000,070,161 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.10.23 20:48:16 | 000,070,161 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.02.18 22:41:54 | 000,000,600 | ---- | C] () -- C:\Users\BozKurT\PUTTY.RND [2009.04.02 22:42:33 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv5 [2009.03.19 13:28:41 | 000,167,936 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = 
C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2008.10.31 20:05:47 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Acer GameZone Console [2012.10.27 00:22:45 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Ameki [2012.11.11 12:26:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Audacity [2012.11.11 13:26:23 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Babylon [2011.06.29 07:15:42 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Daopu [2012.09.20 18:10:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DVDVideoSoft [2011.08.26 12:22:41 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers [2009.10.11 18:32:06 | 000,000,000 | ---D | M] -- 
C:\Users\BozKurT\AppData\Roaming\EA [2012.11.11 13:26:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\EAC [2012.05.01 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Epson [2009.08.12 20:03:24 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\eSobi [2011.08.13 00:21:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Eztycu [2012.06.24 17:38:39 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\FileZilla [2011.10.04 17:37:33 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\FreePDF [2010.11.23 15:32:17 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\GetRightToGo [2010.12.29 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Gify [2012.10.27 00:24:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Iqwoy [2009.11.16 19:34:09 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\LimeWire [2012.06.23 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\OpenCandy [2012.11.11 13:26:32 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\PerformerSoft [2011.01.12 20:55:57 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Siri [2009.08.27 18:57:58 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\StreamTorrent [2009.04.02 23:01:20 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\TwonkyMedia [2012.10.18 12:08:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\UseNeXT [2008.10.31 20:05:47 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console [2008.10.31 20:05:47 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. 
> [2009.03.18 12:57:35 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2010.06.27 16:50:40 | 000,000,000 | ---D | M] -- C:\2e62187dcbb202b728464787d57ca8 [2009.04.29 20:35:32 | 000,000,000 | ---D | M] -- C:\ACER [2009.03.18 12:56:36 | 000,000,000 | ---D | M] -- C:\ACERSW [2010.06.25 11:23:21 | 000,000,000 | ---D | M] -- C:\bc404cac2a095de0d1768adc38 [2008.10.31 20:18:22 | 000,000,000 | ---D | M] -- C:\Book [2009.08.01 00:49:18 | 000,000,000 | -HSD | M] -- C:\Boot [2006.11.02 16:42:17 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2009.03.18 12:50:42 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2010.11.26 17:35:56 | 000,000,000 | ---D | M] -- C:\games [2008.10.31 19:34:51 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.08.12 21:09:21 | 000,000,000 | ---D | M] -- C:\NarutoPage [2010.02.08 15:04:43 | 000,000,000 | ---D | M] -- C:\Netgear [2008.01.21 04:04:13 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.10.09 16:23:42 | 000,000,000 | R--D | M] -- C:\Program Files [2012.11.13 13:51:13 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2012.11.12 13:10:49 | 000,000,000 | -H-D | M] -- C:\ProgramData [2009.03.18 12:50:42 | 000,000,000 | -HSD | M] -- C:\Programme [2012.11.15 10:11:44 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.11.11 13:03:01 | 000,000,000 | ---D | M] -- C:\TOEFL [2009.03.18 12:54:01 | 000,000,000 | R--D | M] -- C:\Users [2012.11.15 09:59:46 | 000,000,000 | ---D | M] -- C:\Windows < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. 
> [2012.11.11 13:26:15 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\AccurateRip [2008.10.31 20:05:47 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Acer GameZone Console [2012.11.07 21:08:22 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Adobe [2012.10.27 00:22:45 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Ameki [2010.06.23 22:51:07 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Apple Computer [2012.11.11 12:26:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Audacity [2012.11.11 13:26:23 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Babylon [2009.07.05 18:22:58 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\CyberLink [2011.06.29 07:15:42 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Daopu [2010.08.26 12:37:57 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DivX [2012.10.17 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\dvdcss [2012.09.20 18:10:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DVDVideoSoft [2011.08.26 12:22:41 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers [2009.10.11 18:32:06 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\EA [2012.11.11 13:26:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\EAC [2012.05.01 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Epson [2009.08.12 20:03:24 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\eSobi [2011.08.13 00:21:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Eztycu [2012.06.24 17:38:39 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\FileZilla [2011.10.04 17:37:33 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\FreePDF [2010.11.23 15:32:17 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\GetRightToGo [2010.12.29 22:23:11 | 000,000,000 | ---D | M] -- 
C:\Users\BozKurT\AppData\Roaming\Gify [2009.03.18 13:51:36 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Google [2009.11.01 12:25:27 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\HP [2009.03.18 12:56:58 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Identities [2012.10.27 00:24:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Iqwoy [2009.11.16 19:34:09 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\LimeWire [2009.03.18 12:58:27 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Macromedia [2011.04.17 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Malwarebytes [2006.11.02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Media Center Programs [2012.06.09 14:49:31 | 000,000,000 | --SD | M] -- C:\Users\BozKurT\AppData\Roaming\Microsoft [2009.03.24 13:52:52 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Mozilla [2012.06.23 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\OpenCandy [2012.11.11 13:26:32 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\PerformerSoft [2011.01.12 20:55:57 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Siri [2009.08.27 18:57:58 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\StreamTorrent [2009.11.25 20:40:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\TVU networks [2009.04.02 23:01:20 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\TwonkyMedia [2012.10.18 12:08:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\UseNeXT [2009.03.27 15:22:19 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\vlc [2009.03.20 19:14:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2009.09.29 19:29:09 | 000,006,144 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\DetectOpenGLConsole.exe [2009.09.29 19:29:08 | 
000,005,120 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\DownloadSourcePhotoConsole.exe [2009.10.11 18:32:08 | 000,030,208 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\FileDownloadConsole.exe [2009.09.30 18:15:50 | 000,013,312 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\PhotoFaceConsole.exe [2009.09.29 19:29:04 | 000,009,216 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\UploadPhotofitConsole.exe [2009.11.16 19:33:22 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe [2009.11.16 19:33:24 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe [2009.11.16 19:33:24 | 000,014,848 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe [2009.11.16 19:33:24 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe [2009.11.16 19:33:24 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe [2009.11.16 19:33:24 | 000,018,432 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe [2009.11.16 19:33:24 | 000,014,336 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe [2009.11.16 19:33:25 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe [2009.11.16 19:33:25 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe [2010.11.06 00:16:34 | 002,790,864 | ---- | M] (Adobe Systems, Inc.) 
-- C:\Users\BozKurT\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe [2012.06.23 13:38:22 | 005,152,544 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\OpenCandy\82DA78CAACB04E7DBE7C05220327D39F\TuneUpUtilities2012_de-DE_1002175-p1v1.exe < %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles > < %SYSTEMROOT%\System32\config\*.sav > < %SYSTEMROOT%\*. /mp /s > < %SYSTEMROOT%\system32\*.dll /lockedfiles > ========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84 @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:4F636E25 < End of report > |
15.11.2012, 17:26 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer cannot be deleted Close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!) Code:
ATTFilter
:OTL
[2012.07.21 19:00:39 | 004,503,728 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012.10.27 00:24:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Iqwoy
[2011.08.13 00:21:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Eztycu
[2012.10.27 00:24:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Iqwoy
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:4F636E25
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder. Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
15.11.2012, 23:02 | #9 |
| PC Performer cannot be deleted I entered the code and clicked Fix. The program gets stuck at Code:
ATTFilter
[emptytemp]
[resethosts]
-------------------------------------------------------
Something did happen after all. Restart and this script: Code:
ATTFilter
All processes killed
========== OTL ==========
C:\ProgramData\0tbpw.pad moved successfully.
C:\Users\BozKurT\AppData\Roaming\Iqwoy folder moved successfully.
C:\Users\BozKurT\AppData\Roaming\Eztycu folder moved successfully.
Folder C:\Users\BozKurT\AppData\Roaming\Iqwoy\ not found.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:4F636E25 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\BozKurT\Downloads\cmd.bat deleted successfully.
C:\Users\BozKurT\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: BozKurT
->Temp folder emptied: 73439795 bytes
->Temporary Internet Files folder emptied: 2668292 bytes
->Java cache emptied: 32338174 bytes
->FireFox cache emptied: 58149293 bytes
->Flash cache emptied: 2800925 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170251 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 53212 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 162,00 mb
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.69.0 log created on 11152012_225220
Files\Folders moved on Reboot...
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\startupCache\startupCache.4.little moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\Cache\_CACHE_001_ moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\Cache\_CACHE_002_ moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\Cache\_CACHE_003_ moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\urlclassifier3.sqlite moved successfully.
File\Folder C:\Windows\temp\mcafee_TqFToQeNUwHN3aC not found!
File\Folder C:\Windows\temp\mcafee_ZU8at1VDhp3TcWe not found!
File\Folder C:\Windows\temp\mcmsc_5qFYqu06jlIeZyy not found!
File\Folder C:\Windows\temp\mcmsc_Odb78ryVvsed243 not found!
File\Folder C:\Windows\temp\sqlite_cZGFoBnCJj3no6h not found!
File\Folder C:\Windows\temp\sqlite_S1zSX3gDFz4FBsZ not found!
File\Folder C:\Windows\temp\sqlite_UgFis78XNnWFbvo not found!
File\Folder C:\Windows\temp\sqlite_YndnMcYLBZQDuAF not found!
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Last edited by sacet (15.11.2012 at 23:14) |
16.11.2012, 09:34 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer cannot be deleted adwCleaner - detect toolbars and unwanted start/search pages Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
16.11.2012, 10:00 | #11 |
| PC Performer cannot be deleted adwCleaner: Code:
ATTFilter # AdwCleaner v2.007 - Datei am 16/11/2012 um 10:00:10 erstellt # Aktualisiert am 06/11/2012 von Xplode # Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits) # Benutzer : BozKurT - BOZKURT-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\BozKurT\Downloads\adwcleaner.exe # Option [Suche] **** [Dienste] **** Gefunden : PC Performer Manager ***** [Dateien / Ordner] ***** Datei Gefunden : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\searchplugins\Askcom.xml Ordner Gefunden : C:\ProgramData\Babylon Ordner Gefunden : C:\ProgramData\pc performer manager Ordner Gefunden : C:\Users\BozKurT\AppData\Local\Savings Sidekick Ordner Gefunden : C:\Users\BozKurT\AppData\Roaming\Babylon Ordner Gefunden : C:\Users\BozKurT\AppData\Roaming\OpenCandy ***** [Registrierungsdatenbank] ***** Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Savings Sidekick Schlüssel Gefunden : HKCU\Software\Conduit Schlüssel Gefunden : HKCU\Software\Cr_Installer Schlüssel Gefunden : HKCU\Software\DataMngr Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Savings Sidekick Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gefunden : HKCU\Software\Softonic Schlüssel Gefunden : HKCU\Software\Microsoft\Internet 
Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Schlüssel Gefunden : HKLM\Software\Babylon Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gefunden : HKLM\Software\Conduit Schlüssel Gefunden : HKLM\Software\DataMngr Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660} Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660} Schlüssel Gefunden : HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gefunden : HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}] Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}] Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}] Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet 
Explorer\Toolbar [{D0F4A166-B8D4-48b8-9D63-80849FE137CB}] ***** [Internet Browser] ***** -\\ Internet Explorer v8.0.6001.19328 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90 [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90 -\\ Mozilla Firefox v16.0.2 (de) Profilname : default Datei : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\prefs.js Gefunden : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=[...] Gefunden : user_pref("avg.install.userSPSettings", "Claro Search"); Gefunden : user_pref("browser.search.defaultengine", "Ask.com"); Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", true); Gefunden : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114506&tt=451[...] 
Gefunden : user_pref("extensions.claro.admin", false); Gefunden : user_pref("extensions.claro.aflt", "babsst"); Gefunden : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}"); Gefunden : user_pref("extensions.claro.dfltLng", "en"); Gefunden : user_pref("extensions.claro.excTlbr", false); Gefunden : user_pref("extensions.claro.id", "860a142b0000000000000021974c2d90"); Gefunden : user_pref("extensions.claro.instlDay", "15655"); Gefunden : user_pref("extensions.claro.instlRef", "sst"); Gefunden : user_pref("extensions.claro.prdct", "claro"); Gefunden : user_pref("extensions.claro.prtnrId", "claro"); Gefunden : user_pref("extensions.claro.tlbrId", "claro"); Gefunden : user_pref("extensions.claro.tlbrSrchUrl", ""); Gefunden : user_pref("extensions.claro.vrsn", "1.8.3.10"); Gefunden : user_pref("extensions.claro.vrsni", "1.8.3.10"); Gefunden : user_pref("extensions.claro_i.smplGrp", "none"); Gefunden : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1013:26:43"); ************************* AdwCleaner[R1].txt - [6161 octets] - [16/11/2012 10:00:10] ########## EOF - C:\AdwCleaner[R1].txt - [6221 octets] ########## |
16.11.2012, 11:37 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer cannot be deleted Please try to uninstall all entries mentioned in the adwCleaner log (such as Babylon or Conduit) via the Control Panel, then create a new search log with adwCleaner. We will remove leftovers and whatever refuses to uninstall with adwCleaner.
__________________ Please always post log files in CODE tags |
16.11.2012, 14:15 | #13 |
| PC Performer cannot be deleted I can't find any of the programs mentioned in the Control Panel. |
16.11.2012, 15:23 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC Performer cannot be deleted adwCleaner - remove toolbars and unwanted start/search pages
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
16.11.2012, 17:18 | #15 |
| PC Performer cannot be deleted adwCleaner: Code:
# AdwCleaner v2.007 - Datei am 16/11/2012 um 16:33:57 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : BozKurT - BOZKURT-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\BozKurT\Downloads\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

Gestoppt & Gelöscht : PC Performer Manager

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\searchplugins\Askcom.xml
Gelöscht mit Neustart : C:\ProgramData\Babylon
Gelöscht mit Neustart : C:\ProgramData\pc performer manager
Gelöscht mit Neustart : C:\Users\BozKurT\AppData\Local\Savings Sidekick
Gelöscht mit Neustart : C:\Users\BozKurT\AppData\Roaming\Babylon
Gelöscht mit Neustart : C:\Users\BozKurT\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Savings Sidekick
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gelöscht : HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.19328

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90 --> hxxp://www.google.com
Gelöscht : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page]

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default
Datei : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\prefs.js

C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\user.js ... Gelöscht !

Gelöscht : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=[...]
Gelöscht : user_pref("avg.install.userSPSettings", "Claro Search");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114506&tt=451[...]
Gelöscht : user_pref("extensions.claro.admin", false);
Gelöscht : user_pref("extensions.claro.aflt", "babsst");
Gelöscht : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Gelöscht : user_pref("extensions.claro.dfltLng", "en");
Gelöscht : user_pref("extensions.claro.excTlbr", false);
Gelöscht : user_pref("extensions.claro.id", "860a142b0000000000000021974c2d90");
Gelöscht : user_pref("extensions.claro.instlDay", "15655");
Gelöscht : user_pref("extensions.claro.instlRef", "sst");
Gelöscht : user_pref("extensions.claro.prdct", "claro");
Gelöscht : user_pref("extensions.claro.prtnrId", "claro");
Gelöscht : user_pref("extensions.claro.tlbrId", "claro");
Gelöscht : user_pref("extensions.claro.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.claro.vrsn", "1.8.3.10");
Gelöscht : user_pref("extensions.claro.vrsni", "1.8.3.10");
Gelöscht : user_pref("extensions.claro_i.smplGrp", "none");
Gelöscht : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1013:26:43");

*************************

AdwCleaner[R1].txt - [6284 octets] - [16/11/2012 10:00:10]
AdwCleaner[S2].txt - [5916 octets] - [16/11/2012 16:33:57]

########## EOF - C:\AdwCleaner[S2].txt - [5976 octets] ##########

OTL: Code:
OTL logfile created on: 16.11.2012 17:00:33 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BozKurT\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,25% Memory free
8,19 Gb Paging File | 5,87 Gb Available in Paging File | 71,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,40 Gb Total Space | 309,66 Gb Free Space | 67,85% Space Free | Partition Type: NTFS
Drive D: | 457,11 Gb Total Space | 289,02 Gb Free Space | 63,23% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: BOZKURT-PC | User Name: BozKurT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\BozKurT\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
PRC - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
PRC - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
PRC - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\mcafee.com\agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.)
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

========== Modules (No Company Name) ==========

MOD - c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (dlcd_device) -- C:\Windows\SysNative\dlcdcoms.exe ( )
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools)
DRV:64bit: - (pctEFA) -- C:\Windows\SysNative\drivers\pctEFA64.sys (PC Tools)
DRV:64bit: - (pctDS) -- C:\Windows\SysNative\drivers\pctDS64.sys (PC Tools)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\DRIVERS\usbser.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\Drivers\Mpfp.sys (McAfee, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys (Egis Incorporated)
DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys (Egis Incorporated)
DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (ITEIO.SYS) -- C:\Windows\SysNative\drivers\ITEIO.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (camdrv42) -- C:\Windows\SysNative\DRIVERS\camdrv42.sys ()
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=4512_8&babsrc=SP_clro&mntrId=860a142b0000000000000021974c2d90
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.311
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009.10.31 18:07:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011.04.17 13:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.08.23 17:53:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2012.10.28 14:26:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2012.11.09 21:57:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009.10.31 18:07:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2012.10.28 14:26:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2012.11.09 21:57:55 | 000,000,000 | ---D | M]

[2009.11.16 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Extensions
[2009.11.16 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012.11.12 13:12:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions
[2009.08.28 19:07:11 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2012.11.12 13:09:18 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\crossriderapp5060@crossrider.com
[2012.11.12 13:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode
[2010.12.25 22:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.15 15:08:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.25 10:59:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.11 21:57:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.23 22:43:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2012.08.23 17:53:45 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2012.11.15 23:06:47 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F21192C-801A-4D88-85E3-3960D83C1647}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\pcperf~1\24897~1.175\{61d8b~1\pcpmngr.dll) - c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.11.15 22:52:20 | 000,000,000 | ---D | C] -- C:\_OTL [2012.11.13 13:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Barons [2012.11.13 13:49:12 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2012.11.12 20:35:18 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Local\{75D5AD27-FC92-4063-A18F-FE1A2BD7E256} [2012.11.11 13:26:32 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\PerformerSoft [2012.11.11 13:26:31 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe [2012.11.11 13:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer [2012.11.11 13:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer [2012.11.11 13:26:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Performer Manager [2012.11.11 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\EAC [2012.11.11 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\AccurateRip [2012.11.11 13:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy [2012.11.11 13:03:00 | 000,000,000 | ---D | C] -- C:\TOEFL [2012.11.11 12:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex [2012.11.11 12:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDex [2012.11.09 21:58:06 | 000,000,000 | ---D | C] -- 
C:\Program Files (x86)\Common Files\Java [2012.11.09 21:57:55 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.11.09 21:57:55 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.11.09 21:57:21 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.11.09 21:57:21 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.11.09 21:57:20 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.10.28 14:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8 [2012.10.27 00:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.27 00:14:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.10.27 00:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware ========== Files - Modified Within 30 Days ========== [2012.11.16 17:01:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.16 16:43:29 | 001,486,574 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.11.16 16:43:29 | 000,643,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.11.16 16:43:29 | 000,608,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.11.16 16:43:29 | 000,134,094 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.11.16 16:43:29 | 000,109,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.11.16 16:36:33 | 000,101,477 | ---- | M] () -- C:\Windows\SysNative\Config.MPF [2012.11.16 16:36:32 | 000,070,161 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012.11.16 16:36:32 | 000,070,161 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.11.16 16:36:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml [2012.11.16 16:36:04 | 000,003,216 | -H-- | M] 
() -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.16 16:36:04 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.16 16:36:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.11.16 16:35:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.16 16:31:35 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job [2012.11.16 16:30:24 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.11.16 13:03:11 | 003,205,460 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB [2012.11.15 17:15:21 | 000,321,469 | ---- | M] () -- C:\Windows\0303.xml [2012.11.15 16:59:08 | 000,000,075 | ---- | M] () -- C:\Windows\userList.xml [2012.11.15 15:07:46 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{02699C6C-8FF1-48F0-B164-29AFEDC7D129}.job [2012.11.15 13:33:28 | 000,321,475 | ---- | M] () -- C:\Windows\sulo.xml [2012.11.14 22:23:45 | 000,002,655 | ---- | M] () -- C:\Users\BozKurT\Desktop\Microsoft Office Word 2007.lnk [2012.11.14 14:58:06 | 000,000,512 | ---- | M] () -- C:\Users\BozKurT\Desktop\MBR.dat [2012.11.14 13:26:09 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job [2012.11.13 17:04:12 | 000,321,548 | ---- | M] () -- C:\Windows\Suleyman.xml [2012.11.13 13:52:33 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\Toefl.lnk [2012.11.13 13:49:12 | 147,368,448 | ---- | M] () -- C:\Toefl.msi [2012.11.09 21:57:10 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.11.09 21:57:02 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012.11.09 21:57:02 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.11.09 21:57:01 | 000,174,056 | ---- | M] (Oracle Corporation) -- 
C:\Windows\SysWow64\java.exe [2012.11.09 21:56:59 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.11.09 21:56:59 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.10.28 20:24:46 | 002,594,369 | ---- | M] () -- C:\Users\BozKurT\Desktop\CIMG2548.JPG [2012.10.28 20:24:40 | 002,682,765 | ---- | M] () -- C:\Users\BozKurT\Desktop\CIMG2549.JPG ========== Files Created - No Company Name ========== [2012.11.15 17:15:21 | 000,321,469 | ---- | C] () -- C:\Windows\0303.xml [2012.11.14 19:29:08 | 000,321,475 | ---- | C] () -- C:\Windows\sulo.xml [2012.11.14 14:58:06 | 000,000,512 | ---- | C] () -- C:\Users\BozKurT\Desktop\MBR.dat [2012.11.13 17:04:12 | 000,321,548 | ---- | C] () -- C:\Windows\Suleyman.xml [2012.11.13 13:55:26 | 000,000,075 | ---- | C] () -- C:\Windows\userList.xml [2012.11.13 13:52:33 | 000,001,875 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toefl.lnk [2012.11.13 13:52:33 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\Toefl.lnk [2012.11.13 13:50:00 | 147,368,448 | ---- | C] () -- C:\Toefl.msi [2012.11.11 13:26:38 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\PC Performer_UPDATES.job [2012.11.11 13:26:38 | 000,000,280 | ---- | C] () -- C:\Windows\tasks\PC Performer_DEFAULT.job [2012.10.28 20:24:12 | 002,682,765 | ---- | C] () -- C:\Users\BozKurT\Desktop\CIMG2549.JPG [2012.10.28 20:24:12 | 002,594,369 | ---- | C] () -- C:\Users\BozKurT\Desktop\CIMG2548.JPG [2012.02.05 14:49:49 | 000,001,235 | ---- | C] () -- C:\Users\BozKurT\Free YouTube to MP3 Converter.lnk [2011.10.04 17:40:21 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini [2011.08.10 15:19:08 | 000,107,520 | -HS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2011.07.03 09:15:17 | 000,000,732 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\d3d9caps64.dat [2011.04.17 13:06:42 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll [2011.04.17 09:27:54 | 000,013,126 | -HS- | 
C] () -- C:\Users\BozKurT\AppData\Local\5d1e4t7jkc1e052e11b1pvh [2011.04.17 09:27:54 | 000,013,126 | -HS- | C] () -- C:\ProgramData\5d1e4t7jkc1e052e11b1pvh [2011.02.10 15:31:33 | 001,516,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.12 20:56:49 | 000,001,356 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\d3d9caps.dat [2010.10.23 20:48:16 | 000,070,161 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.10.23 20:48:16 | 000,070,161 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.02.18 22:41:54 | 000,000,600 | ---- | C] () -- C:\Users\BozKurT\PUTTY.RND [2009.04.02 22:42:33 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv5 [2009.03.19 13:28:41 | 000,167,936 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 
000,891,392 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84 @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > OTL Extras: Code:
OTL Extras logfile created on: 16.11.2012 17:00:33 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BozKurT\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,25% Memory free
8,19 Gb Paging File | 5,87 Gb Available in Paging File | 71,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,40 Gb Total Space | 309,66 Gb Free Space | 67,85% Space Free | Partition Type: NTFS
Drive D: | 457,11 Gb Total Space | 289,02 Gb Free Space | 63,23% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: BOZKURT-PC | User Name: BozKurT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = F6 35 FB 8D 39 12 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 "C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 "C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0EA9521A-ED3D-4F1A-A26F-215FDC4234C8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{4A101931-4909-4598-B020-66C7735B8C61}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{885D92FF-33F6-451B-A8BB-A99A89857698}" = lport=2869 | protocol=6 | dir=in | app=system | "{A9688549-46C8-4869-9B7A-F8BB9A277EF3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{C4E14446-3138-4F84-AAF1-47A3A762AE2D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00474D64-1C7B-4B8D-A39A-E9ED75E69593}" = protocol=17 | 
dir=in | app=c:\program files (x86)\valve\steam\steamapps\stylish488\condition zero\hl.exe | "{0557832D-91C8-413F-9941-55696C6448AE}" = dir=in | app=c:\users\bozkurt\desktop\pcp_claro.exe | "{05BCD669-7C32-48BD-851E-7A9DF488282F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{0B019A50-6BDC-4501-90C0-B63C38C713BE}" = dir=out | app=c:\users\bozkurt\desktop\pcp_claro.exe | "{14015AE9-338D-4532-BAA9-5A8E066381EE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{17747848-77A9-49A4-97DC-F4D4FFE8C7B8}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe | "{18D05AC2-2FFA-4893-87BB-11B6327EE1A3}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steam.exe | "{194BF7ED-026C-4250-9A3C-EAD39F1E9AE0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{1A70900D-51D6-4CC4-943D-835296B580DE}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe | "{20C572AD-2A77-423A-BCE8-D65AA0621399}" = protocol=6 | dir=in | app=c:\windows\system32\dlcdcoms.exe | "{22AEAC19-7B25-4215-9DA6-4E5CB341A274}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{23D852BF-1B67-478B-9A83-669F4F2E1BB1}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{27EAF37D-502F-4765-9861-E8334E682798}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\stylish488\condition zero\hl.exe | "{362A493D-8664-4C0E-BD15-5A483E117D84}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3D4FBDEB-8A99-4FBC-AF3E-E12AB24F2763}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3EA701C1-9725-4C6F-9873-17C3228EBB08}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{456738B4-3BB4-4908-B2BB-61D7B15A2D86}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{48EE1BF2-DF85-4744-8D58-80D14E9F1D58}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe | "{5090FD8D-754A-4310-A93E-6E3406DB76D3}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{553F2116-FE0A-4E3D-B9EB-7EF2ABF84454}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{586A56C2-0363-4BB5-8006-D398E39A80BF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{5A453006-3E0E-4BD2-A8F6-74C62E7260EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{5D0A555F-9FFA-48FA-B115-D5441A34D13F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{5E0473DD-4B16-411D-9C8D-48CD1D1D1B3D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{604799C7-A6CC-4925-9534-183E1CEEAAE0}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe | "{669BAC8A-063B-42C4-AA3F-043DFBDBEDE9}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{6C4518BE-72C3-48CE-BF12-71D4BCCA4D31}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steam.exe | "{6E8A63C4-29E0-45DA-85A9-C8D90E2F37F8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{76A38D04-BCE3-455F-8CF9-B812FF0A2037}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | "{7AFF19B5-35DE-492A-858A-054D63CF83C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{7D609A58-E572-4751-B564-7886C5437416}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{803EED67-006E-41D2-9690-47025AF8EF0D}" = dir=in | app=c:\program 
files (x86)\hp\digital imaging\bin\hposid01.exe | "{89D8EF40-7C4B-43FD-96E9-28D2F3AA746F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{8C173849-05FD-4F8E-BD8E-02CEAF9EA945}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{8C916A98-DF73-4374-97DF-D51C0694F474}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{9A052F3E-AF77-497C-A908-FEAF9EA66F65}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{9A22B3A4-A801-4BE1-A2BA-98DCB057C5EC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{9C241572-98AF-49D1-BEE5-4656F0128492}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{B147995B-6C59-4E86-B409-C1EDFF994073}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | "{B32263AA-EBEB-4CC4-9FD8-09608FD31B0F}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe | "{B59FAFDC-11B2-4F93-99BA-AA1FC1BFD2A7}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | "{B7AF7615-FA0D-43E0-AB1D-3B4370FA6138}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{C1B0AB57-3966-447E-AFA5-ED1F95DF4DFD}" = protocol=17 | dir=in | app=c:\windows\system32\dlcdcoms.exe | "{C2007AE0-4A52-4E98-AF86-E54349FECB6F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{C77D5E72-55FD-417C-A3C5-734919B4D6F2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{C8A3CD3A-5E86-402F-B3DB-045728C28C57}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{D1A81DA6-A6F6-4BE1-BAF7-59C4EC24D296}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe | "{D4D460F0-37A7-49AC-ADFC-33458236B3D9}" = dir=in | app=c:\program files 
(x86)\hp\digital imaging\bin\hpoews01.exe | "{D599E5EE-6C89-4B73-9979-D5A8C31294DB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{E06FBCE3-3A84-4651-B3D6-11086927268B}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{E4AA1109-23EF-46A7-A23C-10A6CCF4DA8F}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe | "{F49B581F-F7B0-462E-8533-690A3052A735}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{44C81D1A-0520-49BB-B510-98B8DD414EA1}" = HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D8B2C435-8737-431E-8784-24CD13B0B821}" = PE585QAEncoder-64 "{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Security Client" = Microsoft Security Essentials "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Redirection Port Monitor" = RedMon - Redirection Port Monitor "Shop for HP Supplies" = Shop for HP Supplies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00405945-70C1-4B1D-9A3C-45A2883366AF}" = PS_AIO_05_C4600_Software_Min "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM) "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller 
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect "{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 24 "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply 
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25 "{7500B4F1-0D53-40EC-8D5B-31BE996529E2}" = Toefl "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7CDD7C4C-5224-40E4-951F-51C12FEAB8AB}" = C4600 "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 
2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) 
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) 
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 
Microsoft Office 2007 Service Pack 3 (SP3) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.6 - Deutsch "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine "{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix "{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM) 
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E728441A-7820-4B1C-87C9-DE7BE37B2953}" = Download Navigator "{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS "{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician "{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode) "Browser Defender_is1" = Browser Defender 3.0 "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "ENTERPRISE" = Microsoft Office Enterprise 2007 "EPSON BX535WD Series Netg" = Netzwerkhandbuch EPSON BX535WD Series "EPSON BX535WD Series Useg" = Benutzerhandbuch EPSON BX535WD Series "FileZilla Client" = FileZilla Client 3.2.7.1 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918 "FreePDF_XP" = FreePDF (Remove only) "GPL Ghostscript 9.04" = GPL Ghostscript "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix "InstallShield_{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker 
Hot Fix
"IpodConverter_is1" = IpodConverter 1.1
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"PC Performer_is1" = PC Performer
"UnityWebPlayer" = Unity Web Player
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 0.9.8a
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Play65" = Play65

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 16.11.2012 11:32:39 | Computer Name = BozKurT-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\BozKurT\Downloads\SoftonicDownloader_fuer_pc-performer.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

Error - 16.11.2012 11:37:08 | Computer Name = BozKurT-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.11.2012 12:00:17 | Computer Name = BozKurT-PC | Source = Application Hang | ID = 1002
Description = Programm OTL(1).exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 14b0 Anfangszeit: 01cdc410d1052029 Zeitpunkt der Beendigung: 0

[ OSession Events ]
Error - 14.12.2010 10:32:05 | Computer Name = BozKurT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 90 seconds with 60 seconds of active time. This session ended with a crash.

Error - 22.05.2012 09:38:21 | Computer Name = BozKurT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5744 seconds with 3240 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12.11.2012 11:12:34 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.11.2012 11:12:43 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.11.2012 11:12:43 | Computer Name = BozKurT-PC | Source = DCOM | ID = 10005
Description =

Error - 12.11.2012 11:12:45 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.11.2012 11:15:23 | Computer Name = BozKurT-PC | Source = Microsoft Antimalware | ID = 2004
Description = Beim Laden der Signaturen wurde von %%860 ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte Signaturen: %%824 Fehlercode: 0x80070002 Fehlerbeschreibung: Das System kann die angegebene Datei nicht finden. Signaturversion: 1.139.1833.0;1.139.1833.0 Modulversion: 1.1.8904.0

Error - 13.11.2012 08:47:03 | Computer Name = BozKurT-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 14.11.2012 09:36:14 | Computer Name = BozKurT-PC | Source = nvstor64 | ID = 262149
Description = Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.

Error - 15.11.2012 17:52:20 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 15.11.2012 17:52:21 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 16.11.2012 04:57:24 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >

In Mozilla, a message appears saying that another program on my computer wants to modify the following add-on: Savings Sidekick 0.85.37. Should I allow the installation or continue?