|
Plagegeister aller Art und deren Bekämpfung: Maleware System Progressive Protection löschenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
26.11.2012, 20:49 | #1 |
| Maleware System Progressive Protection löschen Guten Tag, ich habe ein Problem mit dem oben genannten Trojaner, und zwar kriege ich den einfach nicht weg (auf win7 64bit) Ich habe es nach diese Anleitung versucht: http://www.trojaner-board.de/126021-...ntfernung.html Aber ich kam nur bis zum Defogger. Dies lief noch ohne Probleme aber nun lässt sich das OTL nicht mehr öffnen und der Deofgger kann ich auch nicht mehr öffnen. Könnt ihr mir vieleicht weiter helfen? Ach ja der Virus ,,unterdrückt'' jedes Programm dass ich öffnen will, also könnte es noch schwierig werden.. Mfg Tschumi EDIT: Ich habe es jetzt trozdem noch geschaft und hier sind die Logfiles (UTorrent wurde mitlerweile deinstalliert) : Geändert von tschumi (26.11.2012 um 21:12 Uhr) |
27.11.2012, 12:40 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Maleware System Progressive Protection löschen Hallo und
__________________Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Schon irgendwelche Scans mit anderen Tools gemacht? Log mit Funden da? Siehe => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!
__________________ |
28.11.2012, 18:08 | #3 |
| Maleware System Progressive Protection löschen Hier noch die gewünschten Logs:
__________________Code:
ATTFilter 21:08:23.0401 5076 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 21:08:23.0635 5076 ============================================================ 21:08:23.0635 5076 Current date / time: 2012/11/26 21:08:23.0635 21:08:23.0635 5076 SystemInfo: 21:08:23.0635 5076 21:08:23.0635 5076 OS Version: 6.1.7601 ServicePack: 1.0 21:08:23.0635 5076 Product type: Workstation 21:08:23.0635 5076 ComputerName: DINU-STEG 21:08:23.0635 5076 UserName: dinu 21:08:23.0635 5076 Windows directory: C:\Windows 21:08:23.0635 5076 System windows directory: C:\Windows 21:08:23.0635 5076 Running under WOW64 21:08:23.0635 5076 Processor architecture: Intel x64 21:08:23.0635 5076 Number of processors: 4 21:08:23.0635 5076 Page size: 0x1000 21:08:23.0635 5076 Boot type: Normal boot 21:08:23.0635 5076 ============================================================ 21:08:24.0555 5076 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 21:08:24.0555 5076 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 21:08:30.0780 5076 Drive \Device\Harddisk2\DR7 - Size: 0xF0000000 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 21:08:30.0795 5076 ============================================================ 21:08:30.0795 5076 \Device\Harddisk0\DR0: 21:08:30.0795 5076 MBR partitions: 21:08:30.0795 5076 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000 21:08:30.0795 5076 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0xC350000 21:08:30.0795 5076 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC3B4800, BlocksNum 0x68351800 21:08:30.0795 5076 \Device\Harddisk1\DR1: 21:08:30.0795 5076 MBR partitions: 21:08:30.0795 5076 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542 21:08:30.0795 5076 \Device\Harddisk2\DR7: 21:08:30.0795 5076 MBR partitions: 21:08:30.0795 5076 \Device\Harddisk2\DR7\Partition1: MBR, Type 0xB, StartLBA 0x478, BlocksNum 0x77FB88 21:08:30.0795 5076 ============================================================ 21:08:30.0842 5076 C: <-> \Device\Harddisk0\DR0\Partition2 21:08:30.0858 5076 D: <-> \Device\Harddisk0\DR0\Partition3 21:08:30.0889 5076 M: <-> \Device\Harddisk1\DR1\Partition1 21:08:30.0889 5076 ============================================================ 21:08:30.0889 5076 Initialize success 21:08:30.0889 5076 ============================================================ 21:08:34.0352 4676 ============================================================ 21:08:34.0352 4676 Scan started 21:08:34.0352 4676 Mode: Manual; 21:08:34.0352 4676 ============================================================ 21:08:35.0163 4676 ================ Scan system memory ======================== 21:08:35.0163 4676 System memory - ok 21:08:35.0163 4676 ================ Scan services ============================= 21:08:35.0273 4676 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:08:35.0273 4676 1394ohci - ok 21:08:35.0351 4676 [ C863272577DC93199F9A2D108468EDB9 ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe 21:08:35.0351 4676 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok 21:08:35.0397 4676 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:08:35.0397 4676 ACPI - ok 21:08:35.0429 4676 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:08:35.0429 4676 AcpiPmi - ok 21:08:35.0507 4676 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:08:35.0507 4676 AdobeARMservice - ok 21:08:35.0600 4676 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:08:35.0600 4676 AdobeFlashPlayerUpdateSvc - ok 21:08:35.0631 4676 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 21:08:35.0647 4676 adp94xx - ok 21:08:35.0647 4676 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 21:08:35.0647 4676 adpahci - ok 21:08:35.0663 4676 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 21:08:35.0663 4676 adpu320 - ok 21:08:35.0678 4676 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:08:35.0678 4676 AeLookupSvc - ok 21:08:35.0725 4676 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 21:08:35.0725 4676 AFD - ok 21:08:35.0756 4676 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:08:35.0756 4676 agp440 - ok 21:08:35.0772 4676 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 21:08:35.0772 4676 ALG - ok 21:08:35.0772 4676 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 21:08:35.0787 4676 aliide - ok 21:08:35.0787 4676 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 21:08:35.0787 4676 amdide - ok 21:08:35.0803 4676 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 21:08:35.0803 4676 AmdK8 - ok 21:08:35.0803 4676 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 21:08:35.0819 4676 AmdPPM - ok 21:08:35.0834 4676 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:08:35.0834 4676 amdsata - ok 21:08:35.0850 4676 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 21:08:35.0850 4676 amdsbs - ok 21:08:35.0865 4676 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:08:35.0865 4676 amdxata - ok 21:08:35.0928 4676 [ 07194A09DC27C99A2474251DE27F6E17 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 21:08:35.0928 4676 AntiVirSchedulerService - ok 21:08:35.0959 4676 [ F0964ECD283591E7686AF912298B9F39 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 21:08:35.0959 4676 AntiVirService - ok 21:08:35.0990 4676 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 21:08:35.0990 4676 AppID - ok 21:08:36.0021 4676 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:08:36.0021 4676 AppIDSvc - ok 21:08:36.0053 4676 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 21:08:36.0053 4676 Appinfo - ok 21:08:36.0131 4676 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:08:36.0131 4676 Apple Mobile Device - ok 21:08:36.0146 4676 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 21:08:36.0146 4676 arc - ok 21:08:36.0146 4676 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 21:08:36.0146 4676 arcsas - ok 21:08:36.0177 4676 aspnet_state - ok 21:08:36.0193 4676 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:08:36.0193 4676 AsyncMac - ok 21:08:36.0193 4676 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 21:08:36.0193 4676 atapi - ok 21:08:36.0224 4676 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:08:36.0240 4676 AudioEndpointBuilder - ok 21:08:36.0240 4676 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:08:36.0240 4676 AudioSrv - ok 21:08:36.0271 4676 [ 58AEE8F9E26595ADEB6F008FBB0D6174 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 21:08:36.0271 4676 avgntflt - ok 21:08:36.0287 4676 [ 37D3D3D28B107BCBC1C0137FF31AE480 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 21:08:36.0287 4676 avipbb - ok 21:08:36.0318 4676 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 21:08:36.0318 4676 avkmgr - ok 21:08:36.0349 4676 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:08:36.0349 4676 AxInstSV - ok 21:08:36.0365 4676 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 21:08:36.0380 4676 b06bdrv - ok 21:08:36.0396 4676 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:08:36.0396 4676 b57nd60a - ok 21:08:36.0458 4676 [ 936209B6F93D0E11659CB2D229FE6583 ] BCUService C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe 21:08:36.0458 4676 BCUService - ok 21:08:36.0474 4676 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 21:08:36.0474 4676 BDESVC - ok 21:08:36.0474 4676 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 21:08:36.0474 4676 Beep - ok 21:08:36.0505 4676 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 21:08:36.0521 4676 BFE - ok 21:08:36.0536 4676 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 21:08:36.0536 4676 BITS - ok 21:08:36.0567 4676 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:08:36.0567 4676 blbdrive - ok 21:08:36.0614 4676 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:08:36.0614 4676 Bonjour Service - ok 21:08:36.0645 4676 [ C752A6902163B5E9C3554BA69A275F41 ] BOT4Service C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe 21:08:36.0645 4676 BOT4Service - ok 21:08:36.0708 4676 [ 92E3765E2F9E7EE2542C9C2F6318464C ] BOTService C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe 21:08:36.0723 4676 BOTService - ok 21:08:36.0739 4676 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:08:36.0739 4676 bowser - ok 21:08:36.0755 4676 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 21:08:36.0755 4676 BrFiltLo - ok 21:08:36.0755 4676 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 21:08:36.0755 4676 BrFiltUp - ok 21:08:36.0786 4676 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 21:08:36.0786 4676 Browser - ok 21:08:36.0801 4676 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:08:36.0801 4676 Brserid - ok 21:08:36.0817 4676 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:08:36.0817 4676 BrSerWdm - ok 21:08:36.0817 4676 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:08:36.0817 4676 BrUsbMdm - ok 21:08:36.0833 4676 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:08:36.0833 4676 BrUsbSer - ok 21:08:36.0848 4676 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 21:08:36.0848 4676 BTHMODEM - ok 21:08:36.0864 4676 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:08:36.0864 4676 bthserv - ok 21:08:36.0864 4676 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:08:36.0864 4676 cdfs - ok 21:08:36.0895 4676 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 21:08:36.0895 4676 cdrom - ok 21:08:36.0926 4676 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:08:36.0926 4676 CertPropSvc - ok 21:08:36.0942 4676 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 21:08:36.0942 4676 circlass - ok 21:08:36.0957 4676 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:08:36.0957 4676 CLFS - ok 21:08:36.0973 4676 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:08:36.0973 4676 clr_optimization_v2.0.50727_32 - ok 21:08:37.0020 4676 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:08:37.0020 4676 clr_optimization_v2.0.50727_64 - ok 21:08:37.0067 4676 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:08:37.0067 4676 clr_optimization_v4.0.30319_32 - ok 21:08:37.0113 4676 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:08:37.0113 4676 clr_optimization_v4.0.30319_64 - ok 21:08:37.0129 4676 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:08:37.0129 4676 CmBatt - ok 21:08:37.0145 4676 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:08:37.0145 4676 cmdide - ok 21:08:37.0176 4676 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 21:08:37.0176 4676 CNG - ok 21:08:37.0191 4676 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:08:37.0191 4676 Compbatt - ok 21:08:37.0207 4676 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 21:08:37.0207 4676 CompositeBus - ok 21:08:37.0207 4676 COMSysApp - ok 21:08:37.0301 4676 cpuz132 - ok 21:08:37.0332 4676 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 21:08:37.0332 4676 crcdisk - ok 21:08:37.0347 4676 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:08:37.0347 4676 CryptSvc - ok 21:08:37.0394 4676 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:08:37.0394 4676 DcomLaunch - ok 21:08:37.0425 4676 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:08:37.0425 4676 defragsvc - ok 21:08:37.0457 4676 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:08:37.0457 4676 DfsC - ok 21:08:37.0488 4676 [ DEF365F0F6E017888C4B869D3BA4B8E0 ] dgderdrv C:\Windows\system32\drivers\dgderdrv.sys 21:08:37.0488 4676 dgderdrv - ok 21:08:37.0519 4676 [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys 21:08:37.0519 4676 DgiVecp - ok 21:08:37.0566 4676 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:08:37.0566 4676 Dhcp - ok 21:08:37.0566 4676 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:08:37.0566 4676 discache - ok 21:08:37.0566 4676 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 21:08:37.0581 4676 Disk - ok 21:08:37.0597 4676 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:08:37.0597 4676 Dnscache - ok 21:08:37.0628 4676 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:08:37.0628 4676 dot3svc - ok 21:08:37.0659 4676 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:08:37.0659 4676 DPS - ok 21:08:37.0675 4676 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:08:37.0675 4676 drmkaud - ok 21:08:37.0706 4676 [ 3D52BD28FCB943DA53CE12C3D4A4C0AF ] dsNcAdpt C:\Windows\system32\DRIVERS\dsNcAdX64.sys 21:08:37.0706 4676 dsNcAdpt - ok 21:08:37.0784 4676 [ CD5102D11D59B62F4C21A66711220095 ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe 21:08:37.0784 4676 dsNcService - ok 21:08:37.0815 4676 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:08:37.0831 4676 DXGKrnl - ok 21:08:37.0847 4676 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:08:37.0847 4676 EapHost - ok 21:08:37.0909 4676 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 21:08:37.0940 4676 ebdrv - ok 21:08:37.0971 4676 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:08:37.0971 4676 EFS - ok 21:08:38.0003 4676 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:08:38.0018 4676 ehRecvr - ok 21:08:38.0034 4676 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:08:38.0034 4676 ehSched - ok 21:08:38.0065 4676 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 21:08:38.0065 4676 elxstor - ok 21:08:38.0081 4676 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:08:38.0081 4676 ErrDev - ok 21:08:38.0112 4676 esgiguard - ok 21:08:38.0127 4676 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:08:38.0143 4676 EventSystem - ok 21:08:38.0143 4676 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:08:38.0143 4676 exfat - ok 21:08:38.0159 4676 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:08:38.0159 4676 fastfat - ok 21:08:38.0190 4676 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 21:08:38.0205 4676 Fax - ok 21:08:38.0205 4676 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 21:08:38.0205 4676 fdc - ok 21:08:38.0221 4676 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:08:38.0221 4676 fdPHost - ok 21:08:38.0237 4676 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:08:38.0237 4676 FDResPub - ok 21:08:38.0237 4676 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:08:38.0237 4676 FileInfo - ok 21:08:38.0237 4676 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:08:38.0237 4676 Filetrace - ok 21:08:38.0315 4676 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 21:08:38.0330 4676 FLEXnet Licensing Service - ok 21:08:38.0330 4676 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 21:08:38.0330 4676 flpydisk - ok 21:08:38.0361 4676 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:08:38.0361 4676 FltMgr - ok 21:08:38.0393 4676 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 21:08:38.0408 4676 FontCache - ok 21:08:38.0471 4676 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:08:38.0471 4676 FontCache3.0.0.0 - ok 21:08:38.0486 4676 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:08:38.0502 4676 FsDepends - ok 21:08:38.0517 4676 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:08:38.0517 4676 Fs_Rec - ok 21:08:38.0549 4676 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:08:38.0549 4676 fvevol - ok 21:08:38.0564 4676 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 21:08:38.0564 4676 gagp30kx - ok 21:08:38.0564 4676 gdrv - ok 21:08:38.0595 4676 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:08:38.0595 4676 GEARAspiWDM - ok 21:08:38.0627 4676 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:08:38.0642 4676 gpsvc - ok 21:08:38.0705 4676 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:08:38.0705 4676 gupdate - ok 21:08:38.0720 4676 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:08:38.0720 4676 gupdatem - ok 21:08:38.0767 4676 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:08:38.0767 4676 gusvc - ok 21:08:38.0798 4676 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 21:08:38.0798 4676 hamachi - ok 21:08:38.0814 4676 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:08:38.0814 4676 hcw85cir - ok 21:08:38.0876 4676 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:08:38.0892 4676 HdAudAddService - ok 21:08:38.0954 4676 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:08:38.0985 4676 HDAudBus - ok 21:08:39.0001 4676 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 21:08:39.0063 4676 HidBatt - ok 21:08:39.0126 4676 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 21:08:39.0126 4676 HidBth - ok 21:08:39.0141 4676 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 21:08:39.0141 4676 HidIr - ok 21:08:39.0157 4676 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 21:08:39.0157 4676 hidserv - ok 21:08:39.0204 4676 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:08:39.0204 4676 HidUsb - ok 21:08:39.0219 4676 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:08:39.0235 4676 hkmsvc - ok 21:08:39.0251 4676 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:08:39.0251 4676 HomeGroupListener - ok 21:08:39.0266 4676 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:08:39.0266 4676 HomeGroupProvider - ok 21:08:39.0297 4676 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:08:39.0297 4676 HpSAMD - ok 21:08:39.0313 4676 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 21:08:39.0313 4676 HTCAND64 - ok 21:08:39.0344 4676 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 21:08:39.0344 4676 htcnprot - ok 21:08:39.0375 4676 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:08:39.0375 4676 HTTP - ok 21:08:39.0407 4676 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:08:39.0407 4676 hwpolicy - ok 21:08:39.0469 4676 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 21:08:39.0469 4676 i8042prt - ok 21:08:39.0500 4676 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:08:39.0500 4676 iaStorV - ok 21:08:39.0563 4676 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 21:08:39.0563 4676 IDriverT - ok 21:08:39.0609 4676 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:08:39.0609 4676 idsvc - ok 21:08:39.0625 4676 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 21:08:39.0625 4676 iirsp - ok 21:08:39.0656 4676 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 21:08:39.0656 4676 IKEEXT - ok 21:08:39.0703 4676 [ 135856AC71116CCFF05ED8481745241B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:08:39.0734 4676 IntcAzAudAddService - ok 21:08:39.0750 4676 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 21:08:39.0750 4676 intelide - ok 21:08:39.0765 4676 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:08:39.0765 4676 intelppm - ok 21:08:39.0781 4676 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:08:39.0781 4676 IPBusEnum - ok 21:08:39.0812 4676 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:08:39.0828 4676 IpFilterDriver - ok 21:08:39.0859 4676 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:08:39.0859 4676 iphlpsvc - ok 21:08:39.0875 4676 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:08:39.0875 4676 IPMIDRV - ok 21:08:39.0890 4676 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:08:39.0890 4676 IPNAT - ok 21:08:39.0953 4676 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 21:08:39.0968 4676 iPod Service - ok 21:08:39.0984 4676 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:08:39.0984 4676 IRENUM - ok 21:08:40.0015 4676 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:08:40.0015 4676 isapnp - ok 21:08:40.0031 4676 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:08:40.0031 4676 iScsiPrt - ok 21:08:40.0062 4676 [ 23CE9AAE4E88B95484F616CC572391AC ] JRAID C:\Windows\system32\DRIVERS\jraid.sys 21:08:40.0062 4676 JRAID - ok 21:08:40.0062 4676 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:08:40.0062 4676 kbdclass - ok 21:08:40.0093 4676 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:08:40.0109 4676 kbdhid - ok 21:08:40.0109 4676 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 21:08:40.0109 4676 KeyIso - ok 21:08:40.0124 4676 KiesAllShare - ok 21:08:40.0155 4676 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:08:40.0155 4676 KSecDD - ok 21:08:40.0202 4676 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:08:40.0202 4676 KSecPkg - ok 21:08:40.0218 4676 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:08:40.0218 4676 ksthunk - ok 21:08:40.0249 4676 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:08:40.0249 4676 KtmRm - ok 21:08:40.0280 4676 [ 86DCBF8A41C78561A1DA07AB5E7B1CCC ] LADF_DHP2 C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys 21:08:40.0280 4676 LADF_DHP2 - ok 21:08:40.0311 4676 [ 175C04C7813CE64616B5CB046E5E1383 ] LADF_SBVM C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys 21:08:40.0311 4676 LADF_SBVM - ok 21:08:40.0343 4676 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:08:40.0343 4676 LanmanServer - ok 21:08:40.0374 4676 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:08:40.0389 4676 LanmanWorkstation - ok 21:08:40.0452 4676 [ 19EFF704CD16DD0429E128431F1DD631 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 21:08:40.0452 4676 LBTServ - ok 21:08:40.0483 4676 [ ABFD2B5726F4CCE49297AE48806CC594 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys 21:08:40.0483 4676 LEqdUsb - ok 21:08:40.0514 4676 [ 933F69CF9ACD2498693BFCD7ED68E8D4 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys 21:08:40.0514 4676 LHidEqd - ok 21:08:40.0545 4676 [ 1074C77A47835E03C15BF92452F9A750 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 21:08:40.0545 4676 LHidFilt - ok 21:08:40.0608 4676 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 21:08:40.0608 4676 LightScribeService - ok 21:08:40.0623 4676 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:08:40.0623 4676 lltdio - ok 21:08:40.0639 4676 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:08:40.0655 4676 lltdsvc - ok 21:08:40.0655 4676 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:08:40.0655 4676 lmhosts - ok 21:08:40.0670 4676 [ 96999C364C649E2866A268F7420A304A ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 21:08:40.0670 4676 LMouFilt - ok 21:08:40.0686 4676 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 21:08:40.0686 4676 LSI_FC - ok 21:08:40.0701 4676 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 21:08:40.0701 4676 LSI_SAS - ok 21:08:40.0717 4676 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 21:08:40.0717 4676 LSI_SAS2 - ok 21:08:40.0717 4676 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 21:08:40.0717 4676 LSI_SCSI - ok 21:08:40.0733 4676 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:08:40.0733 4676 luafv - ok 21:08:40.0748 4676 [ 11DDB1D900078FBE3691DF7B878AEC28 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys 21:08:40.0748 4676 LUsbFilt - ok 21:08:40.0779 4676 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:08:40.0779 4676 Mcx2Svc - ok 21:08:40.0779 4676 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 21:08:40.0795 4676 megasas - ok 21:08:40.0795 4676 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 21:08:40.0795 4676 MegaSR - ok 21:08:40.0889 4676 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 21:08:40.0889 4676 Microsoft Office Groove Audit Service - ok 21:08:40.0920 4676 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:08:40.0920 4676 MMCSS - ok 21:08:40.0920 4676 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:08:40.0935 4676 Modem - ok 21:08:40.0935 4676 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:08:40.0935 4676 monitor - ok 21:08:40.0967 4676 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:08:40.0967 4676 mouclass - ok 21:08:40.0982 4676 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:08:40.0982 4676 mouhid - ok 21:08:41.0013 4676 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:08:41.0013 4676 mountmgr - ok 21:08:41.0060 4676 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:08:41.0060 4676 mpio - ok 21:08:41.0076 4676 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:08:41.0076 4676 mpsdrv - ok 21:08:41.0107 4676 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:08:41.0123 4676 MpsSvc - ok 21:08:41.0138 4676 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:08:41.0138 4676 MRxDAV - ok 21:08:41.0169 4676 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:08:41.0169 4676 mrxsmb - ok 21:08:41.0216 4676 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:08:41.0216 4676 mrxsmb10 - ok 21:08:41.0232 4676 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:08:41.0247 4676 mrxsmb20 - ok 21:08:41.0247 4676 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:08:41.0247 4676 msahci - ok 21:08:41.0279 4676 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:08:41.0279 4676 msdsm - ok 21:08:41.0294 4676 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:08:41.0294 4676 MSDTC - ok 21:08:41.0310 4676 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:08:41.0310 4676 Msfs - ok 21:08:41.0325 4676 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:08:41.0325 4676 mshidkmdf - ok 21:08:41.0341 4676 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:08:41.0341 4676 msisadrv - ok 21:08:41.0357 4676 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:08:41.0357 4676 MSiSCSI - ok 21:08:41.0372 4676 msiserver - ok 21:08:41.0372 4676 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:08:41.0372 4676 MSKSSRV - ok 21:08:41.0403 4676 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:08:41.0403 4676 MSPCLOCK - ok 21:08:41.0403 4676 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:08:41.0403 4676 MSPQM - ok 21:08:41.0435 4676 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:08:41.0435 4676 MsRPC - ok 21:08:41.0466 4676 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:08:41.0466 4676 mssmbios - ok 21:08:41.0481 4676 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:08:41.0481 4676 MSTEE - ok 21:08:41.0481 4676 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 21:08:41.0481 4676 MTConfig - ok 21:08:41.0497 4676 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:08:41.0497 4676 Mup - ok 21:08:41.0528 4676 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:08:41.0544 4676 napagent - ok 21:08:41.0559 4676 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:08:41.0559 4676 NativeWifiP - ok 21:08:41.0591 4676 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:08:41.0606 4676 NDIS - ok 21:08:41.0606 4676 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:08:41.0606 4676 NdisCap - ok 21:08:41.0637 4676 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:08:41.0637 4676 NdisTapi - ok 21:08:41.0653 4676 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:08:41.0653 4676 Ndisuio - ok 21:08:41.0684 4676 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:08:41.0684 4676 NdisWan - ok 21:08:41.0700 4676 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:08:41.0700 4676 NDProxy - ok 21:08:41.0778 4676 [ 27FE4B70C12A2C67A58D799B9A4E8D81 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 21:08:41.0778 4676 Nero BackItUp Scheduler 4.0 - ok 21:08:41.0809 4676 [ 307BC83250FC8E3B2878D81E7D760299 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 21:08:41.0809 4676 Netaapl - ok 21:08:41.0825 4676 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:08:41.0825 4676 NetBIOS - ok 21:08:41.0840 4676 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:08:41.0840 4676 NetBT - ok 21:08:41.0856 4676 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:08:41.0856 4676 Netlogon - ok 21:08:41.0887 4676 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:08:41.0887 4676 Netman - ok 21:08:41.0903 4676 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:08:41.0903 4676 netprofm - ok 21:08:41.0934 4676 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:08:41.0934 4676 NetTcpPortSharing - ok 21:08:41.0965 4676 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 21:08:41.0965 4676 nfrd960 - ok 21:08:41.0981 4676 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:08:41.0981 4676 NlaSvc - ok 21:08:42.0059 4676 [ B400ED9FA710F2E5FC3C1CB14D7947B0 ] NMSAccessU C:\Program Files (x86)\Super_DVD_Creator_9.8\NMSAccessU.exe 21:08:42.0059 4676 NMSAccessU - ok 21:08:42.0074 4676 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:08:42.0074 4676 Npfs - ok 21:08:42.0074 4676 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:08:42.0074 4676 nsi - ok 21:08:42.0090 4676 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:08:42.0090 4676 nsiproxy - ok 21:08:42.0137 4676 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:08:42.0152 4676 Ntfs - ok 21:08:42.0168 4676 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:08:42.0168 4676 Null - ok 21:08:42.0355 4676 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:08:42.0527 4676 nvlddmkm - ok 21:08:42.0558 4676 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:08:42.0558 4676 nvraid - ok 21:08:42.0573 4676 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:08:42.0573 4676 nvstor - ok 21:08:42.0605 4676 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe 21:08:42.0620 4676 nvsvc - ok 21:08:42.0698 4676 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 21:08:42.0714 4676 nvUpdatusService - ok 21:08:42.0729 4676 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:08:42.0729 4676 nv_agp - ok 21:08:42.0823 4676 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:08:42.0823 4676 odserv - ok 21:08:42.0854 4676 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:08:42.0854 4676 ohci1394 - ok 21:08:42.0870 4676 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:08:42.0870 4676 ose - ok 21:08:42.0901 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:08:42.0901 4676 p2pimsvc - ok 21:08:42.0917 4676 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:08:42.0917 4676 p2psvc - ok 21:08:42.0948 4676 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 21:08:42.0948 4676 Parport - ok 21:08:42.0979 4676 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:08:42.0979 4676 partmgr - ok 21:08:43.0026 4676 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 21:08:43.0026 4676 PassThru Service - ok 21:08:43.0026 4676 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:08:43.0041 4676 PcaSvc - ok 21:08:43.0057 4676 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 21:08:43.0057 4676 pccsmcfd - ok 21:08:43.0073 4676 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:08:43.0088 4676 pci - ok 21:08:43.0088 4676 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:08:43.0088 4676 pciide - ok 21:08:43.0104 4676 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 21:08:43.0104 4676 pcmcia - ok 21:08:43.0119 4676 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:08:43.0119 4676 pcw - ok 21:08:43.0151 4676 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:08:43.0151 4676 PEAUTH - ok 21:08:43.0197 4676 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:08:43.0197 4676 PerfHost - ok 21:08:43.0244 4676 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:08:43.0260 4676 pla - ok 21:08:43.0307 4676 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:08:43.0307 4676 PlugPlay - ok 21:08:43.0307 4676 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:08:43.0307 4676 PNRPAutoReg - ok 21:08:43.0322 4676 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:08:43.0322 4676 PNRPsvc - ok 21:08:43.0353 4676 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:08:43.0353 4676 PolicyAgent - ok 21:08:43.0385 4676 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:08:43.0385 4676 Power - ok 21:08:43.0400 4676 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:08:43.0400 4676 PptpMiniport - ok 21:08:43.0416 4676 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 21:08:43.0416 4676 Processor - ok 21:08:43.0463 4676 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:08:43.0463 4676 ProfSvc - ok 21:08:43.0478 4676 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:08:43.0478 4676 ProtectedStorage - ok 21:08:43.0509 4676 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:08:43.0509 4676 Psched - ok 21:08:43.0525 4676 [ 41AD0FCF47275A9BC70FA1B56BFD3E23 ] pwdrvio C:\Windows\system32\pwdrvio.sys 21:08:43.0525 4676 pwdrvio - ok 21:08:43.0556 4676 [ 19CF17076F2524AF6746B528584AA3C9 ] pwdspio C:\Windows\system32\pwdspio.sys 21:08:43.0556 4676 pwdspio - ok 21:08:43.0587 4676 [ F2EECF8977BD3FE4E38743DDCFBECD20 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 21:08:43.0587 4676 PxHlpa64 - ok 21:08:43.0619 4676 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 21:08:43.0634 4676 ql2300 - ok 21:08:43.0650 4676 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 21:08:43.0650 4676 ql40xx - ok 21:08:43.0681 4676 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:08:43.0681 4676 QWAVE - ok 21:08:43.0697 4676 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:08:43.0697 4676 QWAVEdrv - ok 21:08:43.0743 4676 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 21:08:43.0743 4676 RapiMgr - ok 21:08:43.0743 4676 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:08:43.0743 4676 RasAcd - ok 21:08:43.0775 4676 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:08:43.0775 4676 RasAgileVpn - ok 21:08:43.0775 4676 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:08:43.0790 4676 RasAuto - ok 21:08:43.0806 4676 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:08:43.0806 4676 Rasl2tp - ok 21:08:43.0837 4676 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:08:43.0837 4676 RasMan - ok 21:08:43.0853 4676 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:08:43.0853 4676 RasPppoe - ok 21:08:43.0868 4676 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:08:43.0868 4676 RasSstp - ok 21:08:43.0899 4676 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:08:43.0899 4676 rdbss - ok 21:08:43.0915 4676 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:08:43.0915 4676 rdpbus - ok 21:08:43.0931 4676 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:08:43.0931 4676 RDPCDD - ok 21:08:43.0931 4676 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:08:43.0931 4676 RDPENCDD - ok 21:08:43.0946 4676 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:08:43.0946 4676 RDPREFMP - ok 21:08:43.0977 4676 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:08:43.0977 4676 RDPWD - ok 21:08:43.0977 4676 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:08:43.0977 4676 rdyboost - ok 21:08:43.0993 4676 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:08:43.0993 4676 RemoteAccess - ok 21:08:44.0009 4676 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:08:44.0009 4676 RemoteRegistry - ok 21:08:44.0087 4676 [ 879BF5333A3DF407019FB16B35F2A352 ] RoxMediaDB13 C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe 21:08:44.0102 4676 RoxMediaDB13 - ok 21:08:44.0227 4676 [ DDB9FE116DF539AD256AB18C9BCA883B ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe 21:08:44.0227 4676 RoxWatch12 - ok 21:08:44.0258 4676 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:08:44.0258 4676 RpcEptMapper - ok 21:08:44.0258 4676 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:08:44.0258 4676 RpcLocator - ok 21:08:44.0274 4676 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:08:44.0289 4676 RpcSs - ok 21:08:44.0289 4676 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:08:44.0289 4676 rspndr - ok 21:08:44.0321 4676 [ E843FDFA8BDD37D271FCDB764C72D054 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:08:44.0321 4676 RTL8167 - ok 21:08:44.0352 4676 [ 27DB9153D259D632D15483DEEAB799ED ] Sahdad64 C:\Windows\system32\Drivers\Sahdad64.sys 21:08:44.0352 4676 Sahdad64 - ok 21:08:44.0383 4676 [ F77849D909B90BCACFCF7295AECF299B ] Saibad64 C:\Windows\system32\Drivers\Saibad64.sys 21:08:44.0383 4676 Saibad64 - ok 21:08:44.0383 4676 [ 704D415290A568F68DE20942DAC23F7E ] SaibVdAd64 C:\Windows\system32\Drivers\SaibVdAd64.sys 21:08:44.0383 4676 SaibVdAd64 - ok 21:08:44.0399 4676 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:08:44.0399 4676 SamSs - ok 21:08:44.0430 4676 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:08:44.0430 4676 sbp2port - ok 21:08:44.0445 4676 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:08:44.0445 4676 SCardSvr - ok 21:08:44.0477 4676 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:08:44.0477 4676 scfilter - ok 21:08:44.0508 4676 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:08:44.0523 4676 Schedule - ok 21:08:44.0555 4676 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:08:44.0555 4676 SCPolicySvc - ok 21:08:44.0570 4676 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:08:44.0570 4676 SDRSVC - ok 21:08:44.0601 4676 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:08:44.0601 4676 secdrv - ok 21:08:44.0633 4676 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 21:08:44.0633 4676 seclogon - ok 21:08:44.0633 4676 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:08:44.0633 4676 SENS - ok 21:08:44.0648 4676 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:08:44.0648 4676 SensrSvc - ok 21:08:44.0664 4676 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:08:44.0664 4676 Serenum - ok 21:08:44.0679 4676 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:08:44.0679 4676 Serial - ok 21:08:44.0711 4676 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 21:08:44.0711 4676 sermouse - ok 21:08:44.0726 4676 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:08:44.0726 4676 SessionEnv - ok 21:08:44.0742 4676 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:08:44.0742 4676 sffdisk - ok 21:08:44.0773 4676 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:08:44.0773 4676 sffp_mmc - ok 21:08:44.0773 4676 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:08:44.0773 4676 sffp_sd - ok 21:08:44.0789 4676 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 21:08:44.0789 4676 sfloppy - ok 21:08:44.0804 4676 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:08:44.0804 4676 SharedAccess - ok 21:08:44.0835 4676 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:08:44.0851 4676 ShellHWDetection - ok 21:08:44.0867 4676 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:08:44.0867 4676 SiSRaid2 - ok 21:08:44.0882 4676 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 21:08:44.0882 4676 SiSRaid4 - ok 21:08:44.0913 4676 [ EF3B592545676301CDEB7C2609EED7BF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 21:08:44.0913 4676 SkypeUpdate - ok 21:08:44.0945 4676 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:08:44.0945 4676 Smb - ok 21:08:44.0976 4676 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:08:44.0976 4676 SNMPTRAP - ok 21:08:44.0976 4676 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:08:44.0976 4676 spldr - ok 21:08:45.0007 4676 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:08:45.0007 4676 Spooler - ok 21:08:45.0069 4676 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:08:45.0132 4676 sppsvc - ok 21:08:45.0132 4676 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:08:45.0147 4676 sppuinotify - ok 21:08:45.0194 4676 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\System32\Drivers\sptd.sys 21:08:45.0194 4676 sptd - ok 21:08:45.0225 4676 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:08:45.0225 4676 srv - ok 21:08:45.0225 4676 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:08:45.0241 4676 srv2 - ok 21:08:45.0241 4676 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:08:45.0241 4676 srvnet - ok 21:08:45.0272 4676 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:08:45.0272 4676 SSDPSRV - ok 21:08:45.0303 4676 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys 21:08:45.0303 4676 SSPORT - ok 21:08:45.0319 4676 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:08:45.0319 4676 SstpSvc - ok 21:08:45.0350 4676 StarOpen - ok 21:08:45.0381 4676 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 21:08:45.0381 4676 Stereo Service - ok 21:08:45.0413 4676 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 21:08:45.0413 4676 stexstor - ok 21:08:45.0459 4676 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:08:45.0459 4676 stisvc - ok 21:08:45.0475 4676 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 21:08:45.0475 4676 swenum - ok 21:08:45.0506 4676 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:08:45.0522 4676 swprv - ok 21:08:45.0537 4676 [ 1F1D1BCC1B746DE700E3E21D758262A7 ] SysCow C:\Windows\system32\drivers\syscowad64v.sys 21:08:45.0553 4676 SysCow - ok 21:08:45.0600 4676 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:08:45.0615 4676 SysMain - ok 21:08:45.0631 4676 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:08:45.0631 4676 TabletInputService - ok 21:08:45.0647 4676 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:08:45.0647 4676 TapiSrv - ok 21:08:45.0662 4676 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:08:45.0662 4676 TBS - ok 21:08:45.0709 4676 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:08:45.0740 4676 Tcpip - ok 21:08:45.0771 4676 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:08:45.0771 4676 TCPIP6 - ok 21:08:45.0803 4676 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:08:45.0818 4676 tcpipreg - ok 21:08:45.0818 4676 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:08:45.0834 4676 TDPIPE - ok 21:08:45.0849 4676 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:08:45.0849 4676 TDTCP - ok 21:08:45.0881 4676 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:08:45.0881 4676 tdx - ok 21:08:45.0896 4676 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 21:08:45.0896 4676 TermDD - ok 21:08:45.0927 4676 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:08:45.0943 4676 TermService - ok 21:08:45.0959 4676 [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys 21:08:45.0959 4676 TFsExDisk - ok 21:08:45.0974 4676 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:08:45.0974 4676 Themes - ok 21:08:45.0990 4676 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:08:45.0990 4676 THREADORDER - ok 21:08:46.0005 4676 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:08:46.0005 4676 TrkWks - ok 21:08:46.0037 4676 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:08:46.0037 4676 TrustedInstaller - ok 21:08:46.0068 4676 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:08:46.0068 4676 tssecsrv - ok 21:08:46.0099 4676 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:08:46.0099 4676 TsUsbFlt - ok 21:08:46.0130 4676 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:08:46.0146 4676 tunnel - ok 21:08:46.0146 4676 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 21:08:46.0146 4676 uagp35 - ok 21:08:46.0177 4676 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:08:46.0177 4676 udfs - ok 21:08:46.0193 4676 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:08:46.0193 4676 UI0Detect - ok 21:08:46.0193 4676 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:08:46.0193 4676 uliagpkx - ok 21:08:46.0239 4676 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:08:46.0239 4676 umbus - ok 21:08:46.0255 4676 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 21:08:46.0255 4676 UmPass - ok 21:08:46.0271 4676 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:08:46.0286 4676 upnphost - ok 21:08:46.0302 4676 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 21:08:46.0302 4676 USBAAPL64 - ok 21:08:46.0333 4676 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:08:46.0333 4676 usbaudio - ok 21:08:46.0349 4676 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:08:46.0349 4676 usbccgp - ok 21:08:46.0380 4676 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:08:46.0380 4676 usbcir - ok 21:08:46.0395 4676 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 21:08:46.0395 4676 usbehci - ok 21:08:46.0427 4676 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:08:46.0427 4676 usbhub - ok 21:08:46.0442 4676 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:08:46.0442 4676 usbohci - ok 21:08:46.0458 4676 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:08:46.0458 4676 usbprint - ok 21:08:46.0473 4676 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:08:46.0473 4676 usbscan - ok 21:08:46.0505 4676 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:08:46.0505 4676 USBSTOR - ok 21:08:46.0536 4676 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:08:46.0536 4676 usbuhci - ok 21:08:46.0567 4676 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 21:08:46.0567 4676 usb_rndisx - ok 21:08:46.0583 4676 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:08:46.0583 4676 UxSms - ok 21:08:46.0583 4676 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:08:46.0583 4676 VaultSvc - ok 21:08:46.0614 4676 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:08:46.0614 4676 vdrvroot - ok 21:08:46.0629 4676 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:08:46.0645 4676 vds - ok 21:08:46.0661 4676 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:08:46.0661 4676 vga - ok 21:08:46.0676 4676 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:08:46.0676 4676 VgaSave - ok 21:08:46.0692 4676 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:08:46.0692 4676 vhdmp - ok 21:08:46.0707 4676 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:08:46.0707 4676 viaide - ok 21:08:46.0739 4676 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:08:46.0739 4676 volmgr - ok 21:08:46.0754 4676 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:08:46.0754 4676 volmgrx - ok 21:08:46.0785 4676 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:08:46.0785 4676 volsnap - ok 21:08:46.0817 4676 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 21:08:46.0817 4676 vsmraid - ok 21:08:46.0863 4676 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:08:46.0879 4676 VSS - ok 21:08:46.0895 4676 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 21:08:46.0895 4676 vwifibus - ok 21:08:46.0926 4676 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:08:46.0926 4676 W32Time - ok 21:08:46.0941 4676 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 21:08:46.0941 4676 WacomPen - ok 21:08:46.0957 4676 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:08:46.0957 4676 WANARP - ok 21:08:46.0957 4676 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:08:46.0957 4676 Wanarpv6 - ok 21:08:47.0019 4676 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 21:08:47.0035 4676 WatAdminSvc - ok 21:08:47.0082 4676 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:08:47.0113 4676 wbengine - ok 21:08:47.0129 4676 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:08:47.0129 4676 WbioSrvc - ok 21:08:47.0160 4676 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 21:08:47.0160 4676 WcesComm - ok 21:08:47.0175 4676 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:08:47.0175 4676 wcncsvc - ok 21:08:47.0175 4676 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:08:47.0175 4676 WcsPlugInService - ok 21:08:47.0191 4676 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 21:08:47.0191 4676 Wd - ok 21:08:47.0238 4676 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:08:47.0238 4676 Wdf01000 - ok 21:08:47.0253 4676 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:08:47.0253 4676 WdiServiceHost - ok 21:08:47.0253 4676 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:08:47.0253 4676 WdiSystemHost - ok 21:08:47.0285 4676 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:08:47.0285 4676 WebClient - ok 21:08:47.0285 4676 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:08:47.0300 4676 Wecsvc - ok 21:08:47.0300 4676 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:08:47.0300 4676 wercplsupport - ok 21:08:47.0316 4676 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:08:47.0331 4676 WerSvc - ok 21:08:47.0331 4676 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:08:47.0331 4676 WfpLwf - ok 21:08:47.0331 4676 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:08:47.0331 4676 WIMMount - ok 21:08:47.0347 4676 WinDefend - ok 21:08:47.0347 4676 WinHttpAutoProxySvc - ok 21:08:47.0394 4676 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:08:47.0394 4676 Winmgmt - ok 21:08:47.0456 4676 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:08:47.0487 4676 WinRM - ok 21:08:47.0519 4676 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:08:47.0519 4676 WinUsb - ok 21:08:47.0550 4676 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:08:47.0550 4676 Wlansvc - ok 21:08:47.0659 4676 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:08:47.0706 4676 wlidsvc - ok 21:08:47.0737 4676 [ 680A7846370000D20D7E74917D5B7936 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys 21:08:47.0737 4676 WmBEnum - ok 21:08:47.0768 4676 [ 14C35BA8189C6F65D839163AA285E954 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys 21:08:47.0768 4676 WmFilter - ok 21:08:47.0799 4676 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:08:47.0799 4676 WmiAcpi - ok 21:08:47.0815 4676 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:08:47.0815 4676 wmiApSrv - ok 21:08:47.0831 4676 WMPNetworkSvc - ok 21:08:47.0846 4676 [ 8488DD91A3EE54A8E29F02AD7BB8201E ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys 21:08:47.0846 4676 WmVirHid - ok 21:08:47.0862 4676 [ 14802B3A30AA849C97CB968CCC813BF3 ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys 21:08:47.0862 4676 WmXlCore - ok 21:08:47.0862 4676 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:08:47.0877 4676 WPCSvc - ok 21:08:47.0893 4676 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:08:47.0893 4676 WPDBusEnum - ok 21:08:47.0909 4676 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:08:47.0909 4676 ws2ifsl - ok 21:08:47.0909 4676 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:08:47.0909 4676 wscsvc - ok 21:08:47.0924 4676 WSearch - ok 21:08:47.0971 4676 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:08:48.0002 4676 wuauserv - ok 21:08:48.0018 4676 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:08:48.0033 4676 WudfPf - ok 21:08:48.0033 4676 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:08:48.0049 4676 WUDFRd - ok 21:08:48.0065 4676 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:08:48.0065 4676 wudfsvc - ok 21:08:48.0080 4676 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:08:48.0096 4676 WwanSvc - ok 21:08:48.0111 4676 ================ Scan global =============================== 21:08:48.0127 4676 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:08:48.0158 4676 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 21:08:48.0158 4676 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 21:08:48.0174 4676 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 21:08:48.0189 4676 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 21:08:48.0189 4676 [Global] - ok 21:08:48.0189 4676 ================ Scan MBR ================================== 21:08:48.0205 4676 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:08:48.0361 4676 \Device\Harddisk0\DR0 - ok 21:08:48.0377 4676 [ BBB0A0725AD66F38B1A32135F3CB55D6 ] \Device\Harddisk1\DR1 21:08:48.0377 4676 \Device\Harddisk1\DR1 - ok 21:08:48.0377 4676 [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk2\DR7 21:08:48.0377 4676 \Device\Harddisk2\DR7 - ok 21:08:48.0377 4676 ================ Scan VBR ================================== 21:08:48.0392 4676 [ 7733534878826669BFEBB541030700CF ] \Device\Harddisk0\DR0\Partition1 21:08:48.0392 4676 \Device\Harddisk0\DR0\Partition1 - ok 21:08:48.0392 4676 [ DF51D53E78708AD1821FD2AD5408C0B9 ] \Device\Harddisk0\DR0\Partition2 21:08:48.0392 4676 \Device\Harddisk0\DR0\Partition2 - ok 21:08:48.0423 4676 [ 94A05DC0352E3F6EFC41E20480CD33DD ] \Device\Harddisk0\DR0\Partition3 21:08:48.0423 4676 \Device\Harddisk0\DR0\Partition3 - ok 21:08:48.0423 4676 [ 0BBD3BD09A557F0F16B0B3998E46A4D0 ] \Device\Harddisk1\DR1\Partition1 21:08:48.0423 4676 \Device\Harddisk1\DR1\Partition1 - ok 21:08:48.0423 4676 [ C7FB3A401D9CAB12220407CE048CD67A ] \Device\Harddisk2\DR7\Partition1 21:08:48.0423 4676 \Device\Harddisk2\DR7\Partition1 - ok 21:08:48.0423 4676 ============================================================ 21:08:48.0423 4676 Scan finished 21:08:48.0423 4676 ============================================================ 21:08:48.0423 4564 Detected object count: 0 21:08:48.0423 4564 Actual detected object count: 0 Code:
ATTFilter OTL logfile created on: 26.11.2012 20:50:38 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dinu\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 4.00 Gb Total Physical Memory | 2.87 Gb Available Physical Memory | 71.83% Memory free 7.99 Gb Paging File | 6.73 Gb Available in Paging File | 84.27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97.66 Gb Total Space | 10.12 Gb Free Space | 10.36% Space Free | Partition Type: NTFS Drive D: | 833.66 Gb Total Space | 739.78 Gb Free Space | 88.74% Space Free | Partition Type: NTFS Drive K: | 3.74 Gb Total Space | 2.37 Gb Free Space | 63.36% Space Free | Partition Type: FAT32 Drive M: | 232.88 Gb Total Space | 92.02 Gb Free Space | 39.51% Space Free | Partition Type: NTFS Computer Name: DINU-STEG | User Name: dinu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\dinu\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\dinu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe () PRC - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe () PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.) PRC - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Program Files (x86)\Super_DVD_Creator_9.8\NMSAccessU.exe () ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (BOT4Service) -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe () SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe (Rovi Corporation) SRV - (RoxMediaDB13) -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe (Rovi Corporation) SRV - (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (BCUService) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.) SRV - (dsNcService) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (NMSAccessU) -- C:\Program Files (x86)\Super_DVD_Creator_9.8\NMSAccessU.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation) DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.) DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (SaibVdAd64) -- C:\Windows\SysNative\drivers\SaibVdAd64.sys (Sonic Solutions) DRV:64bit: - (Sahdad64) -- C:\Windows\SysNative\drivers\Sahdad64.sys (Sonic Solutions) DRV:64bit: - (Saibad64) -- C:\Windows\SysNative\drivers\Saibad64.sys (Sonic Solutions) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd) DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc) DRV:64bit: - (LADF_SBVM) -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys (Logitech) DRV:64bit: - (LADF_DHP2) -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys (Logitech) DRV:64bit: - (pwdrvio) -- C:\Windows\SysNative\pwdrvio.sys () DRV:64bit: - (pwdspio) -- C:\Windows\SysNative\pwdspio.sys () DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (SysCow) -- C:\Windows\SysNative\drivers\syscowad64v.sys (Sonic Solutions) DRV:64bit: - (WmVirHid) -- C:\Windows\SysNative\drivers\WmVirHid.sys (Logitech Inc.) DRV:64bit: - (WmBEnum) -- C:\Windows\SysNative\drivers\WmBEnum.sys (Logitech Inc.) DRV:64bit: - (WmXlCore) -- C:\Windows\SysNative\drivers\WmXlCore.sys (Logitech Inc.) DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.) DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.SYS (Samsung Electronics) DRV:64bit: - (DgiVecp) -- C:\Windows\SysNative\drivers\DgivEcp.sys (Samsung Electronics Co., Ltd.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (dsNcAdpt) -- C:\Windows\SysNative\drivers\dsNcAdX64.sys (Juniper Networks) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKLM\..\SearchScopes,DefaultScope = {6B565918-AFF6-4bae-AC3F-63F626BDE74D} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6B565918-AFF6-4bae-AC3F-63F626BDE74D}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2122003 IE - HKLM\..\SearchScopes\{EF742892-2E03-485a-BAFD-8834EFA69EA5}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A CE 92 87 94 B1 CA 01 [binary data] IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {6B565918-AFF6-4bae-AC3F-63F626BDE74D} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10262&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGT&apn_dtid=^YYYYYY^YY^CH&apn_uid=37e2cfb0-4dbf-4cea-b579-48169ba571d2&apn_sauid=4F656C57-124D-4BCA-9BF6-E810A6F640DF IE - HKCU\..\SearchScopes\{6B565918-AFF6-4bae-AC3F-63F626BDE74D}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_deCH367 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:33440 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.11 17:53:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.08 20:47:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.12 23:56:32 | 000,000,000 | ---D | M] [2012.11.13 00:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.03.17 18:59:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011.01.26 22:08:35 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.01.26 22:08:35 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.01.26 22:08:35 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.01.26 22:08:35 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.01.26 22:08:35 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10262&gct=hp&dc=EU&locale=de_CH CHR - default_search_provider: Ask (Enabled) CHR - default_search_provider: search_url = hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10262&locale=de_CH&apn_uid=37e2cfb0-4dbf-4cea-b579-48169ba571d2&apn_ptnrs=%5EAGT&apn_sauid=4F656C57-124D-4BCA-9BF6-E810A6F640DF&apn_dtid=%5EYYYYYY%5EYY%5ECH&q={searchTerms} CHR - default_search_provider: suggest_url = hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms} CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10262&gct=hp&dc=EU&locale=de_CH CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\dinu\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.150.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java(TM) Platform SE 6 U15 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: YouTube = C:\Users\dinu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google-Suche = C:\Users\dinu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\dinu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\ CHR - Extension: Google Mail = C:\Users\dinu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2010.07.29 20:45:58 | 000,000,848 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 gs.apple.com O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (BHO Class) - {DD92DE22-ED91-4560-B788-DEE2B26612E6} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\IEHelper.dll (DeviceVM, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (RadioBar Toolbar) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CLX3180_Scan2Pc] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe () O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe () O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software, Inc.) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c)) O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [QuickTime Task] D:\Programme\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Rovi Corporation) O4 - HKCU..\Run: [gbgxlfmo] C:\Users\dinu\AppData\Local\bkmkhsirx\trrcxnvtssd.exe File not found O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 File not found O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found O4 - HKCU..\Run: [Run-OSByPetzl] D:\Program Files (x86)\Petzl\OSByPetzl\WinPetzlController.exe (Petzl) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\dinu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..\RunOnce: [A0A8FEC4E8BCA17F0000A0A85E21A69B] C:\ProgramData\A0A8FEC4E8BCA17F0000A0A85E21A69B\A0A8FEC4E8BCA17F0000A0A85E21A69B.exe () O4 - Startup: C:\Users\dinu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\dinu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\dinu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube Download - C:\Users\dinu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\dinu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} hxxp://order.ifolor.ch/ORDERINGGENERAL/LowRes/app_support/_2_1_9/ActiveX/IfolorUploader_chkr.cab (IfolorUploader Control) O16 - DPF: {48580E34-E37A-454A-8EC4-FC7598B01D77} hxxp://chkr-web.ifolor.net/app_support/1/ActiveX/IfolorUploader_chkr.cab (IfolorUploader Control) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://webvpn.unibe.ch/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E80DFE3-A59E-4051-908A-3FCCFF4799F0}: DhcpNameServer = 138.188.101.186 138.188.101.189 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53A5A68D-ACDB-4586-9C5C-41FD4D199264}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\bwfile-8876480 - No CLSID value found O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\toolbarchrome - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\toolbarchrome {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - C:\Program Files (x86)\RadioBar\toolbar.ni.dll (IMEDIX WEB TECHNOLOGIES LTD.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.07.23 22:59:59 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{93bde2ef-23d7-11df-a63a-00241ddeacac}\Shell - "" = AutoRun O33 - MountPoints2\{93bde2ef-23d7-11df-a63a-00241ddeacac}\Shell\AutoRun\command - "" = L:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.11.26 20:33:29 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\dinu\Desktop\aswMBR.exe [2012.11.26 20:33:29 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\dinu\Desktop\tdsskiller.exe [2012.11.26 20:33:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\dinu\Desktop\OTL.exe [2012.11.26 00:24:08 | 000,000,000 | ---D | C] -- C:\Users\dinu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection [2012.11.26 00:22:14 | 000,000,000 | ---D | C] -- C:\ProgramData\A0A8FEC4E8BCA17F0000A0A85E21A69B [2012.11.19 21:13:02 | 000,000,000 | ---D | C] -- C:\Users\dinu\AppData\Local\FreePDF_XP [2012.11.15 17:08:51 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2012.11.15 17:08:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2012.11.15 17:03:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.11.15 17:03:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.11.15 17:03:33 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.11.15 17:03:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.11.15 17:03:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.11.15 17:03:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.11.15 17:03:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.11.15 17:03:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.11.15 17:03:32 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.11.15 17:03:32 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.11.15 17:03:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.11.15 17:03:32 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.11.15 17:03:31 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.11.15 17:03:31 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.11.15 17:03:31 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.11.15 17:00:23 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012.11.15 17:00:23 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012.11.15 17:00:23 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012.11.15 17:00:23 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012.11.15 13:14:15 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012.11.15 13:14:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012.11.15 13:14:15 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012.11.15 13:13:19 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012.11.15 13:13:19 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012.11.15 13:13:19 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012.11.15 13:13:19 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012.11.15 13:13:19 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012.11.15 13:13:19 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012.11.15 13:12:19 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012.11.15 13:12:19 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012.11.13 00:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF [2012.11.13 00:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript [2012.11.13 00:04:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gs [2012.11.12 23:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreePDF_XP [2012.11.10 13:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks [2012.11.10 13:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Juniper Networks [2012.11.10 13:08:09 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV [2012.11.05 23:06:04 | 000,000,000 | ---D | C] -- C:\Users\dinu\AppData\Local\Macromedia [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.26 20:43:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.26 20:43:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.26 20:40:18 | 001,536,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.11.26 20:40:18 | 000,668,128 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.11.26 20:40:18 | 000,627,704 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.11.26 20:40:18 | 000,135,796 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.11.26 20:40:18 | 000,111,282 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.11.26 20:36:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.11.26 20:35:59 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012.11.26 20:35:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.26 20:35:45 | 3217,678,336 | -HS- | M] () -- C:\hiberfil.sys [2012.11.26 20:34:02 | 000,000,188 | ---- | M] () -- C:\Users\dinu\defogger_reenable [2012.11.26 20:31:36 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\dinu\Desktop\aswMBR.exe [2012.11.26 20:31:18 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\dinu\Desktop\tdsskiller.exe [2012.11.26 20:31:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dinu\Desktop\OTL.exe [2012.11.26 20:30:52 | 000,050,477 | ---- | M] () -- C:\Users\dinu\Desktop\Defogger.exe [2012.11.26 00:24:08 | 000,002,071 | ---- | M] () -- C:\Users\dinu\Desktop\System Progressive Protection.lnk [2012.11.26 00:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.26 00:03:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.11.19 21:15:32 | 000,362,940 | ---- | M] () -- C:\Users\dinu\Desktop\map.pdf [2012.11.16 10:25:31 | 003,063,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.11.15 13:01:54 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.11.15 13:01:54 | 000,098,888 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.11.12 23:56:32 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2012.11.07 17:04:38 | 000,002,381 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.11.02 16:38:32 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.11.02 16:38:32 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.11.02 14:18:02 | 000,001,809 | ---- | M] () -- C:\Users\dinu\Desktop\Spotify.lnk [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.26 20:34:01 | 000,000,188 | ---- | C] () -- C:\Users\dinu\defogger_reenable [2012.11.26 20:33:29 | 000,050,477 | ---- | C] () -- C:\Users\dinu\Desktop\Defogger.exe [2012.11.26 00:24:08 | 000,002,071 | ---- | C] () -- C:\Users\dinu\Desktop\System Progressive Protection.lnk [2012.11.19 21:15:31 | 000,362,940 | ---- | C] () -- C:\Users\dinu\Desktop\map.pdf [2012.11.15 17:08:55 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.15 17:00:23 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.11.12 23:58:31 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\redmonnt.dll [2012.11.12 23:58:31 | 000,046,080 | ---- | C] () -- C:\Windows\SysNative\unredmon.exe [2012.11.12 23:56:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2012.11.12 23:56:32 | 000,001,986 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2012.04.28 09:23:38 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\SvcMan.exe [2012.04.28 09:23:29 | 000,000,136 | ---- | C] () -- C:\Windows\Readiris.ini [2012.04.28 09:23:25 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\irisco32.dll [2012.04.28 09:21:25 | 000,482,408 | ---- | C] () -- C:\Windows\SSndii.exe [2012.04.28 09:20:11 | 000,143,872 | ---- | C] () -- C:\Windows\Wiainst64.exe [2012.04.11 18:02:08 | 000,424,512 | ---- | C] () -- C:\Users\dinu\AppData\Local\rx_audio.Cache [2012.04.11 18:01:28 | 009,434,544 | ---- | C] () -- C:\Users\dinu\AppData\Local\rx_image32.Cache [2012.04.11 16:01:08 | 000,000,000 | ---- | C] () -- C:\Windows\AudioDVD.INI [2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.03.03 20:22:09 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh [2011.03.03 20:22:09 | 001,481,928 | ---- | C] () -- \task29.exe [2011.03.03 20:22:09 | 001,449,160 | ---- | C] () -- \RUUResource.dll [2011.03.03 20:22:09 | 000,213,864 | ---- | C] () -- \ModelID.fig [2011.03.03 20:22:09 | 000,175,304 | ---- | C] () -- \rapitool.exe [2011.03.03 20:22:09 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig [2011.03.03 20:22:09 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig [2011.03.03 20:22:09 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe [2011.03.03 20:22:09 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe [2011.03.03 20:22:09 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg [2010.12.25 13:04:08 | 000,000,017 | ---- | C] () -- C:\Users\dinu\AppData\Local\resmon.resmoncfg [2010.12.14 20:23:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.12.11 21:15:42 | 000,000,584 | ---- | C] () -- C:\Windows\eReg.dat [2010.08.16 17:59:21 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.08.02 16:23:24 | 000,000,126 | ---- | C] () -- C:\ProgramData\xlink.sys [2010.07.23 22:59:59 | 000,000,000 | ---- | C] () -- \autoexec.bat [2010.06.04 19:23:04 | 000,002,006 | ---- | C] () -- \aqua_bitmap.cpp [2010.04.19 23:31:19 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010.03.06 13:34:52 | 000,031,744 | ---- | C] () -- C:\Users\dinu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.02.22 17:55:05 | 000,078,005 | ---- | C] () -- \ituneslib.itl [2010.02.21 14:08:12 | 000,000,092 | ---- | C] () -- C:\Users\dinu\AppData\Local\fusioncache.dat [2010.02.19 23:56:40 | 000,001,024 | ---- | C] () -- C:\Users\dinu\.rnd [2010.02.19 18:14:31 | 3217,678,336 | -HS- | C] () -- \hiberfil.sys ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 "ThreadingModel" = Both "" = C:\$Recycle.Bin\S-1-5-21-2443263361-934229799-1302229513-1000\$b26fa331307ad972215f031dabf7ed1e\n. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
28.11.2012, 18:11 | #4 |
| Maleware System Progressive Protection löschenCode:
ATTFilter OTL Extras logfile created on: 26.11.2012 20:50:38 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dinu\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 4.00 Gb Total Physical Memory | 2.87 Gb Available Physical Memory | 71.83% Memory free 7.99 Gb Paging File | 6.73 Gb Available in Paging File | 84.27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97.66 Gb Total Space | 10.12 Gb Free Space | 10.36% Space Free | Partition Type: NTFS Drive D: | 833.66 Gb Total Space | 739.78 Gb Free Space | 88.74% Space Free | Partition Type: NTFS Drive K: | 3.74 Gb Total Space | 2.37 Gb Free Space | 63.36% Space Free | Partition Type: FAT32 Drive M: | 232.88 Gb Total Space | 92.02 Gb Free Space | 39.51% Space Free | Partition Type: NTFS Computer Name: DINU-STEG | User Name: dinu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0C0CCFCF-8145-42BB-BCAB-FEE2B33BFE65}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{177DD7FF-7335-469D-B9F1-EB32F9FAEA81}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{19F15B13-6B5D-4978-A7F2-19A609A5AE19}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{1C01B417-0E9D-4D50-BC4E-8F9E7F4B5633}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2452830B-C5BA-498E-8422-BE2B68EAEE5E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{24C3A153-47CD-4A85-A9C9-BDC518208988}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2E6FD0BD-4C1B-45B8-899F-6E169E7EF312}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{358F45A0-27EC-4BD5-955B-B2A6A69C05B7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{36CE37EF-02FE-445F-B3EA-4DE45B319C1E}" = lport=2869 | protocol=6 | dir=in | app=system | "{37B32D39-C57B-4C57-9F1D-4914825A1328}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{3AC0FE28-5AAB-4463-A061-EBF0147F3D2A}" = lport=138 | protocol=17 | dir=in | app=system | "{40D1002B-BF6A-467F-8D6A-ADC89DA848E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{49F36416-6384-41CD-ADF2-1BDC1EA7D04F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4CBC76D7-D6F6-42A1-8C37-9AA3F0D3621E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5312A694-D781-4030-A50B-73D3B37440D0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5B1BC383-B8F8-4E96-968E-A0C972325DCF}" = rport=138 | protocol=17 | dir=out | app=system | "{5C375D66-CA35-41D1-A098-DF3784B743D1}" = rport=445 | protocol=6 | dir=out | app=system | "{5D0197D0-D3AF-4DE5-A8AE-FF803B509D0E}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{5DF979AC-8C7C-4792-AA20-D0968A776915}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{5EC51593-61C3-44F7-8D2C-2DCEF5D492E0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{60C82BE4-95D0-4B00-B490-B6834F9B20E3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6FEC573E-26FC-4C37-B94D-9B6E037645FE}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{70C0F14A-31BB-4044-9FB9-EE3ED78EF555}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{768A7E4E-1272-4622-A2B3-F3B75957B254}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{78109FA7-37B5-49D0-B9BC-3887DB7004FA}" = rport=137 | protocol=17 | dir=out | app=system | "{78E68AC5-6CCC-4116-AD2A-E7EBFB53B6D3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{7E73BEEC-D3C7-4020-9132-56AB9DD25EBC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{809DDB06-D8FE-4965-A3A1-E11370FF63B6}" = lport=445 | protocol=6 | dir=in | app=system | "{8A27E919-5F19-44F2-AB06-EFFAB5D5323C}" = lport=10243 | protocol=6 | dir=in | app=system | "{8D6C7A98-D5E7-4C42-869D-6A8CC23C86AA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8E4F097E-6AC0-4FAA-B6E2-FD309CA6FCF0}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface | "{96CC7EAB-2EF1-47E5-9C11-6D8C26EF2D61}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{9C5E96CA-E25B-459C-9657-ADFE9778AEFF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9E57B067-BF22-4096-859B-FB2E786F47A3}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{A2981464-2560-444D-9360-999346A4FBD4}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{A2D0407E-2F5A-4E10-A722-9A52E3969EB1}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{A3E12F9D-6359-4CA6-8D7B-29CD83378413}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A64D252B-A882-4916-99FC-547B6618695E}" = lport=137 | protocol=17 | dir=in | app=system | "{AB1341B5-5876-4157-85B2-B456E5F484A6}" = lport=10244 | protocol=6 | dir=in | app=system | "{AD184CDF-5A50-4E8A-8EF5-D3F1D557E5C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AE75AF44-3C96-4459-99F0-D53629B1F32E}" = rport=10243 | protocol=6 | dir=out | app=system | "{B930CAC4-DEBE-41A3-BDA9-D65B1F03271A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BB0CDD54-9E49-450C-B43C-AFA99AFEF310}" = lport=2869 | protocol=6 | dir=in | app=system | "{BC95010A-D28C-48B1-A852-3779791A97FC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{C164A7FF-AA69-4655-9225-FD619019239F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C5A010A1-D6D5-43F5-B2C6-C9A62D548FC4}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C92BB41E-6E0D-484B-82D8-9533A98D051A}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{CB42052D-D769-4315-950B-0A28F1A64FC9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D0457882-C4FF-42AC-A706-1D171EA0C7F5}" = lport=139 | protocol=6 | dir=in | app=system | "{D6BB64D9-8A38-42FC-BE28-5A70C117788D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E2022CF6-86F8-4721-989B-AFA6A40302AB}" = rport=139 | protocol=6 | dir=out | app=system | "{E47597DB-5AB1-434B-B51B-AF231522B420}" = lport=10244 | protocol=6 | dir=in | app=system | "{E76ACAF4-29B1-443B-ABFB-652F09DF73AD}" = lport=3390 | protocol=6 | dir=in | app=system | "{EA4BAA93-B77B-4157-9EEB-E25129CF3EFB}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{EB5048AF-30A4-4D49-921B-CA53978867AA}" = lport=2869 | protocol=6 | dir=in | app=system | "{EFF6C38F-C860-4D57-A76E-8ECD85E7AAE1}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F8508016-A135-4AE2-BAF7-B355CE11268C}" = lport=2869 | protocol=6 | dir=in | app=system | "{FA98B489-9ACF-4D23-8B2E-142742D8A4CD}" = lport=3390 | protocol=6 | dir=in | app=system | "{FD24C71D-876E-44B8-A842-7322E9BF9AF4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0163A53D-035B-4365-BA20-D7A9993F00DD}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{01B7BA37-1D6C-4637-AECA-D7F143B195E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{03ADE88B-4017-48AC-A3F2-16AC435FE42F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{0480F83D-E467-4230-B8EF-5B67A6E980CB}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{0653A96D-FA86-4167-A502-645BBF8AC1B6}" = protocol=6 | dir=in | app=d:\programme\electronic arts\battlefield\bfbc2updater.exe | "{07178C80-7F53-4BC4-AAE8-D98CFB907F47}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe | "{0788E0C9-39BC-4965-95F7-B0093FEAC65C}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2 - beta\bfbc2betaupdater.exe | "{07D79DA9-98C5-4656-8B2D-92AB2A8ADE84}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{0B451D60-413C-4B63-AA5F-92551780C415}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{0CD97BB7-F04F-44E8-8358-0851CC2901BD}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\clx3180\sscan2io.exe | "{108DE048-5110-4167-A09C-B3E8C325768A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{110DD416-5CF2-44DA-8447-16D07AE76D70}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "{11E2D677-2CE8-47E7-A14A-BA034D6F1711}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{15E54E5F-B1AE-40CF-AC63-C55419692C06}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{1695773A-F2AF-4775-AF00-5A2645A3DCF6}" = protocol=6 | dir=in | app=c:\program files (x86)\condor\condorserver.exe | "{177BB722-31F0-48FA-85AE-925C8293B0B2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{1B21C74D-7E42-48E5-ACCA-5A11CF46C6BF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1BA9EFC9-085A-472C-B7E0-D1D56DBCFC57}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe | "{1D463318-C81A-48DD-867B-D5BCF6417916}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1D835EF7-0609-41B6-92EF-0676515E7BD8}" = protocol=17 | dir=in | app=c:\users\dinu\appdata\local\temp\rarsfx1\hl.exe | "{2082ABF1-5B22-47B6-9D0B-545BD30FAB7E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{23CBA704-ED72-41C4-BF1F-721443E7E66A}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | "{28DD9F72-CC59-4B0E-9BAD-4B49F0996082}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{28EFC236-3A46-4DFC-8FAC-A87208CF9E30}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{293067C2-FC16-4025-A71D-120BF974EE5E}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{29484F1B-E1B0-491D-AEDD-947FC9851BD9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{29905229-2E0A-42C9-97E3-AF073A49D527}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{29E88FD7-4CDA-49D6-A3B6-86C4FA629E9B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{2B09A743-ACB6-4E66-B9FA-E68D5000AB32}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe | "{2D578250-FAC1-4354-A3BC-BDF08C77CC0C}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{31050462-F209-4027-923C-97AAF7F64447}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{320C69A2-6C6C-4FEA-A6E5-1EDC55636493}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{33AFD6A2-2B3F-43B6-A5B1-83AC4769DACB}" = protocol=6 | dir=out | app=system | "{38467B68-D2DD-4140-82F3-A0BB537DA9E8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{38580F3A-C796-4A70-98AB-66DDC5AEE309}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{3F047A5E-3798-446C-9E98-508CA75D3EB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{40EA424A-8086-4375-B2B0-D764F1ED812D}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{4102E8F0-B881-4949-9E6D-608E93ACBCA8}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{4236FCF1-D84C-441E-9FC9-8D37A0061591}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{4434AA74-ED59-45AF-B630-F77458521332}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{44B763E2-5682-4D25-9DE6-000FB1C96E07}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{45918C25-8443-4052-8640-BABCACD54B08}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{4754EE38-F406-450D-9B50-D23C52F5499F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{4E7C43D7-0A11-44A4-8814-92AAD02869A5}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{540DF57D-8677-4CA7-A617-3E6ECCEE58C9}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{57DC7655-11C0-45D2-A738-02D7398375E1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{58506F12-5683-4E2C-A4D5-AEEF809BA554}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{5B0C7E24-AF91-4FA6-9E15-119D16D65F88}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe | "{5B292195-53AE-45AA-A380-09B318D125C5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{5BCC85F3-7D43-494A-86F5-A49A3FE9206D}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{5C319B0F-3062-420F-AA85-43DCBF31726D}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.2.0-engb-downloader.exe | "{5D0645BE-1ECE-46E7-80F1-5D69D7F74FDC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5EE1A5FF-98F1-4B08-97A1-DBEADBEE0CA8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{644C154C-03A0-4A79-98EE-59BC2042FD98}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{64C05439-6BFB-4ABD-A607-DED27F36C216}" = protocol=17 | dir=in | app=c:\program files (x86)\condor\condor.exe | "{64DB6153-D7D4-437D-ACF0-956697C66451}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6602216B-E876-4D8D-AF3C-456E1E1D3837}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{676A6548-4FE6-44F3-98C5-84B217C10F1C}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "{6878BC4A-54A8-4F84-A3B6-204A0324E561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{68A5DB58-CF6E-41B5-813C-653687CFFFA5}" = protocol=6 | dir=in | app=c:\program files (x86)\condor\condor.exe | "{6B101A48-B150-4D96-913F-1B03BDC84D8E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{71E280E2-6EAF-408A-94F0-14FDBE91A204}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{75243F43-F3B6-4E45-82E3-90EA9ADA46A3}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | "{78B75CC6-5C01-437B-8C38-352ADEEE9A7D}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{790C68E6-F8E0-4A2C-91B9-431EA3DACBD2}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{7B578499-BC79-4662-9C09-3D64161A746B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7CA9B042-E816-4708-9E78-2359D58DAE25}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.2.0-engb-downloader.exe | "{7F96E467-D6EA-49C0-8EC7-E0239030A5CC}" = protocol=17 | dir=in | app=c:\program files (x86)\drahtwerk\iwebcamera\iwebcameraapp.exe | "{8220F1DB-6504-4981-BA43-CA3FAFCB7DCF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{839A50F0-DAF8-4AA6-8C29-A79F46F50DB2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{885A70CE-2BDC-488F-B5DF-16E3D4A875FB}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{88E0C1F7-30F2-491D-90CB-3A69A3844304}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe | "{8A9BBBC7-2624-48E7-BB31-7B32B3A785DC}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{8B3B030E-2253-40A0-A4CE-361178A87628}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{8E3481F5-4E2B-47C2-BFA1-FA2542902788}" = protocol=17 | dir=in | app=c:\program files (x86)\condor\condorserver.exe | "{8EAF1681-1A83-4F81-B8E4-2E41F5E357E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{918FE3FC-E20A-4029-A0B6-C3E58DB12194}" = protocol=6 | dir=in | app=c:\program files (x86)\scan assistant\usdagent.exe | "{9295D9A4-F1A2-426A-89A6-FB3B7A1D86B3}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{964D17A5-F8C2-46FA-93E9-90B8043F5741}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{9708C94D-12B1-48D6-8EA1-7DD4F036699B}" = protocol=6 | dir=in | app=c:\program files (x86)\drahtwerk\iwebcamera\iwebcameraapp.exe | "{98763499-28E7-4249-AFEF-02CFEF0BDF7A}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe | "{9A05E871-48B5-43C1-B3FC-D3BE702C1DCB}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\clx3180\scan2pc.exe | "{9F519C90-FD3F-4AD5-96F5-E998B4411E9B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A278056F-FB1E-42B9-A019-5980F5697EEE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{A385F5B7-647B-40F2-B1E1-7F50F6B30A77}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\clx3180\scan2pc.exe | "{A3A4C0F3-E09E-43EB-97E9-9274387F426B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A46A2F1A-E5C8-4171-8863-29287F2D6773}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "{A8EB1750-46C8-4485-8382-EEEDD73A11C8}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{A9EBD5F7-F91A-49D8-917D-CEC72CF49D79}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{AB1D83F6-348E-4F6A-AA8E-256CD449BCEE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{ABDF3F0A-007A-45BB-AD2A-B368D7BEC237}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{AC60B6BF-479F-49B3-A85C-EE943DCEF61D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{ACC525EB-E3BC-4239-A37D-CADDFC9946DE}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{AE4DA755-5EEC-49EF-B3A5-4099D599DAAB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{AF71D599-8CBD-4324-924C-8C56FF96DC8E}" = protocol=6 | dir=in | app=c:\users\dinu\appdata\local\temp\rarsfx1\hl.exe | "{B1F03408-0ADF-486A-B46A-502683FF3997}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B1FE0061-DCDD-4E61-B95C-0DC0D3CD5138}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{B278FBCC-CE63-4568-AB99-A3022E6E5231}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B286964A-D791-4253-8A08-CF747815B2EA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{B61E95C2-CFD1-428A-BF24-52B58CD81E4B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B8D9AECB-59D6-4AA1-A6FC-FD229675FF32}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{BE27599A-F46F-4180-B399-AB4A53D5D1D5}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2 - beta\bfbc2betaupdater.exe | "{BF7C810D-A7A2-4A12-99B0-CDC2784BD496}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{C01B5525-EDF6-4E17-B82C-EBBE39D9B018}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{C5886CA0-865B-4359-A33C-4DA338C37479}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{CA19374E-3B3C-49C3-B76F-562A7E88A3CA}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\clx3180\sscan2io.exe | "{CE224BD0-9238-4983-99AA-AD4DA08D1222}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe | "{CF84BAAC-1A6A-473F-BE5F-F83909889629}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D856255E-010F-4564-93B3-5518DE014894}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{D8AE5FB2-9208-4160-9FAA-A5954713B9C7}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | "{DBB49164-44BF-4651-AD67-AB6EB6CF60C5}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | "{DC1961D4-0E2D-49FA-B9A5-08AC28011272}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{DEEC2BF0-9507-45DD-B7BA-25B549A595E1}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{DEF449F2-28BC-4D62-8187-94EB055A2EFE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{DF2DE5F9-7587-4975-B606-6CE1A6A38295}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E08D598A-8B20-49B3-A4DC-4DEA0DC495CB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{E3017C51-CD66-4EFB-B758-C342DB2CC3BC}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | "{E3D3565E-87DC-4411-BA67-120B8BEB01FA}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{E4886977-1BC5-4266-A8C0-0DCA57DBD415}" = protocol=17 | dir=in | app=d:\programme\electronic arts\battlefield\bfbc2updater.exe | "{E4F97751-2968-44EB-BB6E-2960BC6D00DC}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{E6C1E9A0-8AB0-4AC8-9434-18CF6E09E638}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{E715F5CF-249B-4D3D-9729-348282E7C343}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{E783C3F7-DD98-4826-8092-967131ED1BF8}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | "{E8CDE0B3-5DC6-4AD9-AE42-B038C61EC478}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | "{EA26FC3E-86CA-4D6B-9637-133595000B38}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{EB758711-002A-47A3-8532-C4404F0747FA}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe | "{EDA8D25E-E6F1-4B48-A54C-CC37DB4E863E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{EFD5CFD9-EDE8-4252-87D4-3563DEEE1BA5}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{F31041BF-2B1C-4D4B-BD0A-45855B035A0F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{F3EBD27D-7E11-4F63-B7B5-0C13D2C1FBE5}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe | "{FC24E7A3-1B09-489F-B80B-15D569F378D9}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe | "{FCBEC467-2BC0-41AD-9737-31E3E9035E8B}" = protocol=17 | dir=in | app=c:\program files (x86)\scan assistant\usdagent.exe | "{FDCE9C44-C334-4B7A-9F4D-DD933EB1D41F}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{FF655B89-7033-4B7F-AE1F-21CD5138412D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{081F0D48-7210-42D1-9EA1-5622048096A5}C:\games\game alarm\gamealarm.exe" = protocol=6 | dir=in | app=c:\games\game alarm\gamealarm.exe | "TCP Query User{0D12FC00-A5DD-4B84-A4F4-8270366D1DDC}D:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe | "TCP Query User{0D1ABAC5-C2CE-40C2-853C-3FFED8E3A769}C:\users\dinu\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\dinu\desktop\utorrent.exe | "TCP Query User{285BDB49-E78C-4813-BE61-8624DD8F1225}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "TCP Query User{2FF87C03-8453-4BC8-8D68-AEEF432D7362}C:\users\dinu\appdata\local\temp\rarsfx1\hl.exe" = protocol=6 | dir=in | app=c:\users\dinu\appdata\local\temp\rarsfx1\hl.exe | "TCP Query User{30C82343-A528-4CA9-B3C2-AD8BF10763F1}C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe | "TCP Query User{3655A9A4-8FD2-4FC8-ADA0-E65021B50165}C:\program files (x86)\condor\condorserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\condor\condorserver.exe | "TCP Query User{3E1120A8-FDDA-4B4D-99F4-0E5435EFD696}C:\users\dinu\desktop\umbrella-4.01.07.exe" = protocol=6 | dir=in | app=c:\users\dinu\desktop\umbrella-4.01.07.exe | "TCP Query User{41BC5842-4917-4186-B045-F956AB93548A}C:\program files (x86)\electronic arts\crytek\crysis wars\bin64\crysis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin64\crysis.exe | "TCP Query User{4907ACAC-2685-425C-89AF-707DD4723886}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{58AE5A7F-E5CB-4382-91B3-8338CADADB9A}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | "TCP Query User{5C2997DC-C49F-449F-ADB3-CE30C3FA6073}C:\users\dinu\desktop\wow-burningcrusade-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\dinu\desktop\wow-burningcrusade-dede-installer-downloader.exe | "TCP Query User{5E567368-23AD-4EF3-9979-2174D115CEFB}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "TCP Query User{5FD7A0C9-3E70-48A6-81E4-13BEA5F6802D}C:\users\dinu\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\dinu\appdata\roaming\spotify\spotify.exe | "TCP Query User{617683C9-F48F-4628-BDE1-307139B60FF6}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{6C61E6D8-0FB6-4CD1-8638-C4A5E93C9A16}D:\programme\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\programme\tmnationsforever\tmforever.exe | "TCP Query User{7153924A-4B87-4EA0-A15A-CB14CAA8E0FA}C:\program files (x86)\nero\nero8\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero8\nero home\nerohome.exe | "TCP Query User{7BB74A61-9B5E-463F-A32F-310908A2FBFC}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{82D0B6F4-8947-4491-A3CC-7A3A6F98AE58}C:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe | "TCP Query User{8AB38DCF-5F6A-4B77-88B1-87F9A79D21F0}D:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\launcher.exe | "TCP Query User{A5EA70AC-FE2C-4A54-A649-63AFCDF8A0E0}C:\games\game alarm\gamealarm.exe" = protocol=6 | dir=in | app=c:\games\game alarm\gamealarm.exe | "TCP Query User{BEB70948-0A8E-4137-B40D-9EC1E78FC26C}C:\users\dinu\appdata\local\temp\temp1_wow-burningcrusade-dede-installer-downloader.zip\wow-burningcrusade-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\dinu\appdata\local\temp\temp1_wow-burningcrusade-dede-installer-downloader.zip\wow-burningcrusade-dede-installer-downloader.exe | "TCP Query User{C6150DF2-8FCE-423C-9ACF-45F63C548784}C:\program files (x86)\condor\condor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\condor\condor.exe | "TCP Query User{CDE76F23-B89F-4FB2-AA03-4ED4884D9F95}C:\program files (x86)\drahtwerk\iwebcamera\iwebcameraapp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\drahtwerk\iwebcamera\iwebcameraapp.exe | "TCP Query User{D18F4DEC-2505-49A7-B230-0FC7ED5A919C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "TCP Query User{E1E6AE71-EE3A-4D0B-9C90-060AF5DA70FE}D:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "TCP Query User{EADFBCAD-5D2D-464C-9369-48F96E255FD7}C:\users\dinu\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe" = protocol=6 | dir=in | app=c:\users\dinu\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe | "TCP Query User{ED330294-F33D-4FA4-A797-43CDA1E3C189}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | "UDP Query User{0073F689-7FCE-406F-8867-F38B9F41E174}C:\games\game alarm\gamealarm.exe" = protocol=17 | dir=in | app=c:\games\game alarm\gamealarm.exe | "UDP Query User{0DACB430-17D5-4E0D-99DD-165642E6EC39}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | "UDP Query User{0E70B545-B2E9-4767-BB35-77FD1B9C0573}C:\users\dinu\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\dinu\appdata\roaming\spotify\spotify.exe | "UDP Query User{133BF249-A729-49A5-AD1E-9EB0B523880D}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "UDP Query User{1AFD65F3-4268-4C0A-A4A7-CDD90550F35E}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | "UDP Query User{1B32871E-70BD-47D6-A102-B69C742F8474}C:\program files (x86)\nero\nero8\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero8\nero home\nerohome.exe | "UDP Query User{2E89F3B2-3BB4-49E1-97B3-336A6710E565}C:\users\dinu\appdata\local\temp\rarsfx1\hl.exe" = protocol=17 | dir=in | app=c:\users\dinu\appdata\local\temp\rarsfx1\hl.exe | "UDP Query User{2EAFD844-95F0-46FA-96A9-B6F645B17243}C:\program files (x86)\electronic arts\crytek\crysis wars\bin64\crysis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin64\crysis.exe | "UDP Query User{30FA0E10-B097-4926-ABDD-1419EBBAF6D9}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe | "UDP Query User{3126E12A-C2E8-4462-9D79-A1C42C5B876E}C:\program files (x86)\condor\condorserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\condor\condorserver.exe | "UDP Query User{40E11585-8D84-4113-8583-E9515D6B38CF}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{4E6DC54F-C88B-4141-AFD4-BAC0BFFEAA32}D:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.3.5.12213-to-3.3.5.12340-dede-downloader.exe | "UDP Query User{5044A061-5D42-4748-A0AC-5E244EDB964D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{6D41E050-9E0C-4DD5-A1AD-668E95ADB739}C:\users\dinu\desktop\wow-burningcrusade-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\dinu\desktop\wow-burningcrusade-dede-installer-downloader.exe | "UDP Query User{86B68765-9F8C-4F4A-B509-AE9AD83C7661}C:\program files (x86)\drahtwerk\iwebcamera\iwebcameraapp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\drahtwerk\iwebcamera\iwebcameraapp.exe | "UDP Query User{88C23D0E-0BFD-45CA-A227-782FEFB70183}C:\users\dinu\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\dinu\desktop\utorrent.exe | "UDP Query User{90F6107A-452E-4E51-9AF6-2795AF675B44}D:\programme\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\programme\tmnationsforever\tmforever.exe | "UDP Query User{A1832AED-A0F5-4038-8DE6-B93F0DAC298F}C:\users\dinu\appdata\local\temp\temp1_wow-burningcrusade-dede-installer-downloader.zip\wow-burningcrusade-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\dinu\appdata\local\temp\temp1_wow-burningcrusade-dede-installer-downloader.zip\wow-burningcrusade-dede-installer-downloader.exe | "UDP Query User{B545CAE3-F5D8-4D98-B9B0-DFBC7D8B8C17}C:\users\dinu\desktop\umbrella-4.01.07.exe" = protocol=17 | dir=in | app=c:\users\dinu\desktop\umbrella-4.01.07.exe | "UDP Query User{C9CD6AE7-F46B-452A-8788-2F6728D6861D}C:\program files (x86)\condor\condor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\condor\condor.exe | "UDP Query User{CC062BDF-BCFA-46FC-A9F0-C09279CBB1A7}C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe | "UDP Query User{D2D31EBC-26F5-4035-9F90-A5AD71CB427E}C:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis wars\bin32\crysis.exe | "UDP Query User{D9E561A6-30D0-4F8F-B48F-5BFC0E641382}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{DF6A5BBB-73FE-48B2-ACE0-7327CEC26272}C:\users\dinu\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe" = protocol=17 | dir=in | app=c:\users\dinu\appdata\local\temp\cprogram files (x86)opera\operaupgrader.exe | "UDP Query User{DFACA0E8-B813-4453-B27E-597479AB80FC}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | "UDP Query User{E361EDD6-5F75-40DE-9D20-CDB32D04D958}C:\games\game alarm\gamealarm.exe" = protocol=17 | dir=in | app=c:\games\game alarm\gamealarm.exe | "UDP Query User{EEA4E161-2032-44D6-AE10-5A0CA75FD638}D:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\wow-3.3.3.11723-to-3.3.5.12213-dede-downloader.exe | "UDP Query User{EFD2DB77-833E-4645-9D58-8224F837730C}D:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\support\world of warcraft\launcher.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0517F875-BBB2-4812-A63E-733B33CEF215}" = Roxio System Rollback "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10 "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}" = Logitech G35 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{7E587F58-50BE-3557-89F6-14D99CB5FB2A}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007 "{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 "{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst "{AC3539BE-6ACD-3078-B521-0AC2884720F3}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU "Redirection Port Monitor" = RedMon - Redirection Port Monitor "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software "SP6" = Logitech SetPoint 6.30 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00FE2935-FB56-4410-AB5F-D6E70C1771D2}" = Garmin WebUpdater "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights "{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1" = MiniTool Partition Wizard Home Edition 5.2 "{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10 "{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4 "{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15 "{2B682751-E749-441C-A4B3-1F538E26E56E}" = Roxio System Rollback Recovery Disk "{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman) "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{302763FD-5CEA-4DFF-80C8-9B41414C4822}" = Roxio CinePlayer "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3A9527CF-4E91-4683-A03F-F1AD022126E5}" = DirectX 9 Runtime "{3AC863D6-8E32-42CC-8B57-271D431F0D1E}" = Topo Schweiz/Suisse v2 "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A423411-E28A-4A13-BDB0-8E8BC42FFA29}" = HTC Sync "{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4 "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision "{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help "{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7184F382-8A6C-4B85-A3AC-B63734B1E241}" = SAMSUNG Mobile USB Device "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack "{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R) "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77CDA026-3860-4C95-8233-34F3CEF121FB}" = Roxio Creator 2012 Pro "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed "{79E75FAC-61CB-41F5-82F0-1A0ADFEAB1A8}_is1" = 1.0 "{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007 "{90120000-0015-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007 "{90120000-0015-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 "{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007 "{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 "{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007 "{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 "{90120000-0019-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007 "{90120000-0019-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 "{90120000-001A-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007 "{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007 "{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{F812A9CD-23C6-4BBC-B168-ED2C68B0F003}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007 "{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007 "{90120000-001F-0403-0000-0000000FF1CE}_PROHYBRIDR_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007 "{90120000-001F-0416-0000-0000000FF1CE}_PROHYBRIDR_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007 "{90120000-001F-042D-0000-0000000FF1CE}_PROHYBRIDR_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007 "{90120000-001F-0456-0000-0000000FF1CE}_PROHYBRIDR_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007 "{90120000-001F-0816-0000-0000000FF1CE}_PROHYBRIDR_{C8246FCF-12F8-4212-BC89-6ED049BA2FB8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-040C-1000-0000000FF1CE}_PROHYBRIDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0410-1000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0816-1000-0000000FF1CE}_PROHYBRIDR_{5E03E01D-304F-474D-B85F-06B2C9AE0583}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0C0A-1000-0000000FF1CE}_PROHYBRIDR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007 "{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 "{90120000-006E-0816-0000-0000000FF1CE}_PROHYBRIDR_{5E03E01D-304F-474D-B85F-06B2C9AE0583}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007 "{90120000-006E-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4 "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn - Secure "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{96b23911-359e-4853-9174-98fc917488f5}" = Nero 9 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool "{AAB42DD0-9551-4E30-A3E4-F87D4A4E1C52}" = Roxio Creator 2012 Pro "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed "{AAD4E12B-1E0C-1191-C49F-32BA8D932E12}" = OS by Petzl "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}" = Roxio BackOnTrackPE "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}" = Adobe Setup "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent "{CE86D656-C887-4EF1-B2D7-2A1075435964}" = Face Filter "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365 "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help "{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F53529E7-07B1-409A-ACE0-3910D2338D12}" = Roxio Creator 2012 Pro "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack "5513-1208-7298-9440" = JDownloader 0.9 "abgx360" = abgx360 v0.9.4 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_1710d324011afc3e7658e969025f4ba" = Adobe InDesign CS4 "Audio DVD Creator_is1" = Audio DVD Creator 1.9.1.0 "Avira AntiVir Desktop" = Avira Free Antivirus "CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich. "DivX Setup.divx.com" = DivX-Setup "Easy Audio/Data CD/DVD Burner_is1" = Easy Audio/Data CD/DVD Burner "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8.426 "Free Studio_is1" = Free Studio version 5.0.5 "Free Video Dub_is1" = Free Video Dub version 1.5 "Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2 "Free YouTube Download_is1" = Free YouTube Download 2.4 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "FreePDF_XP" = FreePDF (Remove only) "Google Chrome" = Google Chrome "GPL Ghostscript 9.04" = GPL Ghostscript "ifolor-OrderClient" = ifolor Bestellsoftware 3.7 "ImgBurn" = ImgBurn "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "Juniper Network Connect 6.3.0" = Juniper Networks Network Connect 6.3.0 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Opera 11.62.1347" = Opera 11.62 "OSByPetzl" = OS by Petzl "Picasa 3" = Picasa 3 "PROHYBRIDR" = 2007 Microsoft Office system "QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.0.0 "RadioBar" = RadioBar Toolbar "Samsung CLX-3180 Series" = Wartung Samsung CLX-3180 Series "Samsung Scan Assistant" = Samsung Scan Assistant "Super DVD Creator_is1" = Super DVD Creator 9.8 Trial Version "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "WinLiveSuite_Wave3" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "33030675DC63B8C8D12A223C2017505053D50B01" = Doodle Outlook Connector "CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich. "gamealarm-DEFAULT" = Game Alarm "Juniper_Setup_Client" = Juniper Networks Setup Client "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 23.01.2011 13:49:26 | Computer Name = dinu-STEG | Source = Application Hang | ID = 1002 Description = Programm POWERPNT.EXE, Version 12.0.6500.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 11f0 Startzeit: 01cbbb25d2f0bb2f Endzeit: 16 Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE Berichts-ID: 16d5bea8-2719-11e0-a710-00241ddeacac Error - 24.01.2011 10:20:10 | Computer Name = dinu-STEG | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.7930.16406, Zeitstempel: 0x4c7e0414 Name des fehlerhaften Moduls: MSHTML.dll, Version: 9.0.7930.16421, Zeitstempel: 0x4ccf4897 Ausnahmecode: 0xc0000005 Fehleroffset: 0x002c5519 ID des fehlerhaften Prozesses: 0x7c0 Startzeit der fehlerhaften Anwendung: 0x01cbbbd1bb2dad5e Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\MSHTML.dll Berichtskennung: 0c92fee4-27c5-11e0-8000-00241ddeacac Error - 26.01.2011 15:20:26 | Computer Name = dinu-STEG | Source = Application Hang | ID = 1002 Description = Programm javaw.exe, Version 6.0.150.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 6f4 Startzeit: 01cbbd8d2189a2b1 Endzeit: 28 Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe Berichts-ID: Error - 26.01.2011 17:00:24 | Computer Name = dinu-STEG | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.7930.16406, Zeitstempel: 0x4c7e0414 Name des fehlerhaften Moduls: MSHTML.dll, Version: 9.0.7930.16421, Zeitstempel: 0x4ccf4897 Ausnahmecode: 0xc0000005 Fehleroffset: 0x002c5519 ID des fehlerhaften Prozesses: 0x498 Startzeit der fehlerhaften Anwendung: 0x01cbbd9b9d434fd7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\MSHTML.dll Berichtskennung: 4b2afbe2-298f-11e0-bf6e-00241ddeacac Error - 06.02.2011 15:17:20 | Computer Name = dinu-STEG | Source = Windows Backup | ID = 4104 Description = Error - 07.02.2011 11:58:20 | Computer Name = dinu-STEG | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 9.0.7930.16406 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 15a0 Startzeit: 01cbc6dfbe800f3b Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID: Error - 07.02.2011 13:23:10 | Computer Name = dinu-STEG | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.7930.16406, Zeitstempel: 0x4c7e0414 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x121f9600 ID des fehlerhaften Prozesses: 0x189c Startzeit der fehlerhaften Anwendung: 0x01cbc6e80814e3b0 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: ef1068c1-32de-11e0-a9ce-00241ddeacac Error - 12.02.2011 16:08:15 | Computer Name = dinu-STEG | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.7930.16406, Zeitstempel: 0x4c7e0414 Name des fehlerhaften Moduls: WININET.dll, Version: 9.0.7930.16406, Zeitstempel: 0x4c7e044e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00071d76 ID des fehlerhaften Prozesses: 0x11c8 Startzeit der fehlerhaften Anwendung: 0x01cbcaf081919f8f Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\WININET.dll Berichtskennung: d301709b-36e3-11e0-8f41-00241ddeacac Error - 12.02.2011 16:08:22 | Computer Name = dinu-STEG | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.7930.16406, Zeitstempel: 0x4c7e0414 Name des fehlerhaften Moduls: WININET.dll, Version: 9.0.7930.16406, Zeitstempel: 0x4c7e044e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00071d76 ID des fehlerhaften Prozesses: 0x738 Startzeit der fehlerhaften Anwendung: 0x01cbcaf09896075b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\WININET.dll Berichtskennung: d6c7df4a-36e3-11e0-8f41-00241ddeacac Error - 13.02.2011 15:22:20 | Computer Name = dinu-STEG | Source = Windows Backup | ID = 4104 Description = [ OSession Events ] Error - 24.02.2011 17:23:43 | Computer Name = dinu-STEG | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 127 seconds with 120 seconds of active time. This session ended with a crash. [ System Events ] Error - 26.11.2012 15:36:43 | Computer Name = dinu-STEG | Source = PNRPSvc | ID = 102 Description = Error - 26.11.2012 15:36:43 | Computer Name = dinu-STEG | Source = PNRPSvc | ID = 102 Description = Error - 26.11.2012 15:36:43 | Computer Name = dinu-STEG | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 26.11.2012 15:36:43 | Computer Name = dinu-STEG | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 26.11.2012 15:36:43 | Computer Name = dinu-STEG | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 26.11.2012 15:36:43 | Computer Name = dinu-STEG | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 26.11.2012 15:36:43 | Computer Name = dinu-STEG | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 26.11.2012 15:36:43 | Computer Name = dinu-STEG | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 26.11.2012 15:39:26 | Computer Name = dinu-STEG | Source = DCOM | ID = 10010 Description = Error - 26.11.2012 15:39:54 | Computer Name = dinu-STEG | Source = DCOM | ID = 10010 Description = < End of report > Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2012-11-26 21:07:40 ----------------------------- 21:07:40.438 OS Version: Windows x64 6.1.7601 Service Pack 1 21:07:40.438 Number of processors: 4 586 0x1E05 21:07:40.438 ComputerName: DINU-STEG UserName: dinu 21:07:42.044 Initialize success 21:07:47.239 AVAST engine defs: 12112600 21:08:00.766 The log file has been saved successfully to "K:\aswMBR.txt" |
29.11.2012, 10:40 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Maleware System Progressive Protection löschen Die Frage war eigentlich eher, ob du Logs mit Funden von Viren- und Malwarescannern hast (AntiVir, Malwarebytes etc.) Bitte keine neuen Virenscans machen sondern erst nur schon etwaig vorhandene Logs posten!
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Maleware System Progressive Protection löschen |
anleitung, einfach, guten, kriege, leitung, löschen, maleware, maleware sytsem progressive protection, nicht mehr, nicht mehr öffnen, problem, probleme, programm, progressive, progressive protection, protection, schumi, system, system progressive protection, troja, trojaner, versuch, versucht, virus, win7 64bit, öffnen |