| |
| |||||||
Log-Analyse und Auswertung: GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.02.2013, 19:00
| #1 |
 |  GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Hallo liebes TB-Team, habe seit kurzer Zeit Probleme mit Google Chrome. Sobald ich einen weiteren tab öffne, hängen sich alle bisher geöffneten auf. Erst eine Aktualisierung haucht ihnen wieder Leben ein. Mein Internetschutz (A1) zeigte mir nichts Verdächtiges an. Da ich PC-Laie bin, war ich ratlos. Bis dato hat das immer mein Ex-Schwager gemacht, nun muss ich das wohl selber hinbekommen. Bei der Suche nach einer Lösung für mein ´hängendes Chrome-Problem´ bin ich schließlich auf eure Seite gestoßen. Ich hab auch gleich mal ein paar eurer Anleitungen durchgeführt und - BINGO - bin gleich fündig geworden. Also zuerst hab ich mal updates all meiner Programme durchgeführt, dann mit adwCleaner alle Werbungen,Toolbars ect. entfernt . Schließlich hab ich mit MalwarebytesAnti-Malware gestern und heute mehrere Scans gemacht. Und hier kam heraus, dass ich einige PUPs an Bord habe. Die Log-files hänge ich hier an: QuickScan: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.05.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Sigrid :: SIGRID-HP [Administrator] Schutz: Aktiviert 05.02.2013 12:11:13 mbam-log-2013-02-05 (12-11-13).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 238725 Laufzeit: 6 Minute(n), 53 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 5 C:\Users\Herzogs\Downloads\installer_lionheart_kings_crusade.exe (PUP.Adbundler) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Herzogs\Downloads\minecraft setup (1).exe (PUP.AdBundle) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Herzogs\Downloads\minecraft setup.exe (PUP.AdBundle) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Herzogs\Downloads\SoftonicDownloader_fuer_samsung-kies(1).exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Herzogs\Downloads\SoftonicDownloader_fuer_samsung-kies.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.05.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Sigrid :: SIGRID-HP [Administrator] Schutz: Aktiviert 05.02.2013 13:00:59 mbam-log-2013-02-05 (13-00-59).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 438094 Laufzeit: 1 Stunde(n), 21 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware (Trial) 1.70.0.1100 www.malwarebytes.org Database version: v2013.02.05.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Herzogs :: SIGRID-HP [limited] Protection: Enabled 06.02.2013 15:58:49 mbam-log-2013-02-06 (15-58-49).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 168765 Time elapsed: 13 minute(s), 12 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} (PUP.Datamngr) -> No action taken. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Jetzt erhoffe ich mir Hilfe von euch. Mal schauen, ob ich es schaffe. Bitte Geduld haben mit mir.... Jetzt werde ich noch eure Anweisungen für Hilfesuchende befolgen und euch die logfiles hier posten. defogger gedownloaded und durchgeführt: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:12 on 06/02/2013 (Sigrid)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
OTL.txt Code:
ATTFilter OTL logfile created on: 06.02.2013 17:33:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sigrid\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,94 Gb Total Physical Memory | 1,34 Gb Available Physical Memory | 34,10% Memory free
7,87 Gb Paging File | 4,70 Gb Available in Paging File | 59,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442,57 Gb Total Space | 360,71 Gb Free Space | 81,50% Space Free | Partition Type: NTFS
Drive E: | 17,90 Gb Total Space | 2,72 Gb Free Space | 15,19% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,12 Gb Free Space | 42,60% Space Free | Partition Type: FAT32
Computer Name: SIGRID-HP | User Name: Sigrid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.02.06 17:13:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sigrid\Desktop\OTL (1).exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2012.09.24 13:46:14 | 000,573,536 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2012.08.10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012.06.20 12:57:22 | 000,523,680 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
PRC - [2012.04.05 18:21:02 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
PRC - [2012.04.05 17:41:46 | 001,323,008 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
PRC - [2011.11.10 15:02:18 | 000,823,632 | R--- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
PRC - [2011.11.07 16:06:55 | 001,531,280 | ---- | M] (IKARUS Security Software GmbH) -- C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe
PRC - [2011.10.27 09:13:07 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011.08.11 19:29:24 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011.05.23 10:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011.03.16 11:26:42 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2011.03.16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011.02.23 23:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011.01.28 17:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
PRC - [2011.01.26 18:00:32 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.01.26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.01.17 20:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.01.17 20:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.07 04:08:38 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010.11.11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
========== Modules (No Company Name) ==========
MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013.01.26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013.01.26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2013.01.09 13:47:43 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\27649bdc3da750e2e072dedbff56cc0b\IAStorUtil.ni.dll
MOD - [2013.01.09 13:47:43 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\09a468fb987e5a5f345346b0910c89ca\IAStorCommon.ni.dll
MOD - [2013.01.09 08:24:55 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.09 08:24:31 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.09 08:24:25 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 08:24:13 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.09 08:24:08 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 08:24:05 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.09 08:24:04 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 08:23:59 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.08.27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.04.05 18:21:02 | 000,200,704 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
MOD - [2011.09.05 08:57:34 | 000,366,136 | ---- | M] () -- C:\Windows\SysWOW64\flcdlmsg.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.11.14 16:16:51 | 000,308,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:64bit: - [2012.11.14 16:16:48 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2012.04.05 17:41:46 | 001,323,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2012.02.28 12:15:16 | 000,031,000 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012.02.15 03:14:30 | 002,602,576 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2011.11.10 15:02:24 | 000,486,224 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2011.07.15 14:09:38 | 000,137,272 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2011.03.28 07:44:46 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.01.28 17:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.01.29 14:31:10 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.25 17:13:19 | 000,462,848 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe -- (SystemStoreService)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.13 16:25:39 | 005,663,232 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Freetec\SystemStore\SelfUpdate.exe -- (SelfUpdateService)
SRV - [2012.09.27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012.09.24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012.09.24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.08.10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012.06.20 12:57:22 | 000,523,680 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012.02.15 03:00:24 | 002,268,240 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2011.11.07 16:06:55 | 001,531,280 | ---- | M] (IKARUS Security Software GmbH) [Auto | Running] -- C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe -- (GuardX)
SRV - [2011.09.05 08:57:24 | 000,476,728 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2011.08.11 19:29:24 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011.05.23 10:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011.03.16 11:26:40 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011.02.23 23:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011.01.26 18:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.01.17 20:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.01.17 20:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.01.07 04:08:38 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.01.07 04:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.11.11 08:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010.03.18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.11.14 16:32:26 | 000,425,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.11.14 16:16:55 | 000,535,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.04.05 18:33:24 | 000,100,808 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpeOpal.sys -- (MfeEpeOpal)
DRV:64bit: - [2012.04.05 18:32:56 | 000,158,920 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.28 12:15:16 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.02.28 12:15:16 | 000,029,976 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.12.16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2011.03.28 08:14:48 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.28 07:09:12 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.07 15:50:26 | 000,063,336 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2011.01.31 11:04:42 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011.01.27 06:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.01.08 16:16:24 | 002,698,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.01.07 04:07:32 | 000,279,200 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.01.07 04:07:30 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.01.07 04:07:30 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.01.07 04:07:30 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.01.07 04:07:28 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.01.07 04:07:26 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.01.07 04:07:26 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.12.21 18:21:16 | 001,826,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2010.12.21 06:55:02 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdm.sys -- (sscemdm)
DRV:64bit: - [2010.12.21 06:55:02 | 000,129,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssceserd.sys -- (ssceserd)
DRV:64bit: - [2010.12.21 06:55:02 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscebus.sys -- (sscebus)
DRV:64bit: - [2010.12.21 06:55:02 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscemdfl.sys -- (sscemdfl)
DRV:64bit: - [2010.12.03 01:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.12.02 09:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010.11.30 17:32:38 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.20 14:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 14:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 12:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.11 08:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 21:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011.11.07 16:03:24 | 000,036,816 | ---- | M] (IKARUS Security Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\A1 Internetschutz\bin\ntguard_x64.sys -- (NTGUARD)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.05.10 23:33:12 | 000,032,256 | ---- | M] (B.H.A Corporation) [Kernel | System | Stopped] -- C:\windows\SysWow64\drivers\cdrbsdrv.sys -- (cdrbsdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - No CLSID value found
IE - HKCU\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{CFC3649F-BDE7-4CBE-BCE3-D8D98D1ACD5A}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=9432544508284016&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.arccosine.com/"
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.4.0.0
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://internetschutz.aon.at/webschutz/webschutz.pac"
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..browser.search.selectedEngine: "Arccosine"
FF - prefs.js..keyword.URL: "hxxp://www.arccosine.com/search.php?q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sigrid\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sigrid\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011.01.26 14:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012.11.14 16:31:01 | 000,000,000 | ---D | M]
[2011.09.17 21:03:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sigrid\AppData\Roaming\mozilla\Extensions
[2013.02.05 10:52:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sigrid\AppData\Roaming\mozilla\Firefox\Profiles\nawjmtdv.default\extensions
[2012.01.07 16:47:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Sigrid\AppData\Roaming\mozilla\firefox\profiles\nawjmtdv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
File not found (No name found) -- C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
File not found (No name found) -- C:\USERS\SIGRID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NAWJMTDV.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
========== Chrome ==========
CHR - homepage: hxxp://www.google.at/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.at/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sigrid\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe File not found
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe File not found
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IKARUS-GuardX] C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe (IKARUS Security Software GmbH)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HP Photosmart 5510 series (NET)] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [HP Photosmart 5510 series (NET) #2] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s File not found
O4 - HKCU..\Run: [OM_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: blank ([]about in Local intranet)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA3EEED6-564C-4DE2-B334-BB7734ECD7E8}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD162DB0-0FFC-446F-B7C1-8113F88E6B73}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.02.06 17:12:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sigrid\Desktop\OTL (1).exe
[2013.02.05 22:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.05 22:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.05 22:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.05 22:42:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.02.05 22:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.02.05 22:38:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.02.05 12:10:07 | 000,000,000 | ---D | C] -- C:\Users\Sigrid\AppData\Roaming\Malwarebytes
[2013.02.05 12:10:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.05 12:10:01 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.02.05 12:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.05 12:10:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.05 09:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.02.05 09:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.02.05 09:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.02.05 09:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.02.05 09:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.02.05 08:45:22 | 000,000,000 | ---D | C] -- C:\Users\Sigrid\AppData\Local\Secunia PSI
[2013.02.05 08:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2013.02.05 00:12:19 | 000,000,000 | ---D | C] -- C:\Users\Sigrid\AppData\Roaming\QuickScan
[2013.01.29 22:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.01.28 21:10:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.01.28 21:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.01.09 20:16:47 | 000,000,000 | ---D | C] -- C:\Users\Sigrid\Documents\A_RU
[2011.02.23 23:10:36 | 000,020,432 | ---- | C] (Intel Corporation) -- C:\Users\Sigrid\AppData\Roaming\JomCap.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.02.06 17:30:26 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2013.02.06 17:30:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.02.06 17:13:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sigrid\Desktop\OTL (1).exe
[2013.02.06 17:12:22 | 000,000,000 | ---- | M] () -- C:\Users\Sigrid\defogger_reenable
[2013.02.06 17:03:00 | 000,001,128 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
[2013.02.06 17:02:01 | 000,001,124 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
[2013.02.06 16:14:49 | 000,001,076 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
[2013.02.06 16:00:28 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 16:00:28 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 15:59:58 | 001,612,484 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.02.06 15:59:58 | 000,698,764 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.02.06 15:59:58 | 000,652,706 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.02.06 15:59:58 | 000,148,788 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.02.06 15:59:58 | 000,121,638 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.02.06 15:52:20 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.02.06 15:52:05 | 4226,138,112 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.05 22:43:11 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.05 21:44:05 | 000,000,432 | ---- | M] () -- C:\windows\BRWMARK.INI
[2013.02.05 18:02:02 | 000,001,072 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
[2013.02.05 15:04:20 | 000,050,477 | ---- | M] () -- C:\Users\Sigrid\Desktop\Defogger.exe
[2013.02.05 12:10:02 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.05 09:43:36 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.05 09:08:57 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.02.05 08:45:09 | 000,001,066 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013.02.03 10:44:06 | 000,000,336 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForSigrid.job
[2013.02.01 17:14:10 | 000,000,000 | RHS- | M] () -- C:\windows\SysWow64\drivers\103C_HP_bNB_ProBook 4530s_Y5336AN_0U_QCNU1353DZQ_E636603-A42_4A_I167C_SHP_V22.1A_B68SRR F.09_T110513_W748-1_L407_M4031_J500_7Intel_86A7_92.30_#110503_N10EC8168;168C002B_(LH297EA#ABD)_XMOBILE_CN10_Z_2A0001D02.MRK
[2013.02.01 17:14:10 | 000,000,000 | RHS- | M] () -- C:\windows\SysNative\drivers\103C_HP_bNB_ProBook 4530s_Y5336AN_0U_QCNU1353DZQ_E636603-A42_4A_I167C_SHP_V22.1A_B68SRR F.09_T110513_W748-1_L407_M4031_J500_7Intel_86A7_92.30_#110503_N10EC8168;168C002B_(LH297EA#ABD)_XMOBILE_CN10_Z_2A0001D02.MRK
[2013.01.31 20:06:14 | 000,002,331 | ---- | M] () -- C:\Users\Sigrid\Desktop\Google Chrome.lnk
[2013.01.29 17:08:04 | 000,000,344 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForSIGRID-HP$.job
[2013.01.11 16:38:00 | 000,000,340 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForHerzogs.job
[2013.01.09 08:18:01 | 000,440,144 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.01.09 07:22:37 | 001,594,122 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.02.06 17:12:22 | 000,000,000 | ---- | C] () -- C:\Users\Sigrid\defogger_reenable
[2013.02.05 22:43:11 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.05 15:04:17 | 000,050,477 | ---- | C] () -- C:\Users\Sigrid\Desktop\Defogger.exe
[2013.02.05 12:10:02 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.05 09:43:36 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.05 09:08:57 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.02.05 08:45:09 | 000,001,066 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013.02.05 08:45:09 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2013.01.29 13:38:02 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.03.09 14:35:09 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.02.24 15:47:04 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2012.02.24 15:47:04 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2012.02.22 01:24:14 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign
[2011.11.10 15:02:22 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2011.11.10 15:02:20 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2011.11.10 15:02:18 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2011.11.04 06:50:24 | 000,000,419 | ---- | C] () -- C:\windows\ODBC.INI
[2011.11.04 06:50:24 | 000,000,210 | ---- | C] () -- C:\windows\ODBCINST.INI
[2011.10.21 21:37:43 | 000,000,017 | ---- | C] () -- C:\Users\Sigrid\AppData\Local\resmon.resmoncfg
[2011.10.12 14:47:54 | 000,012,288 | ---- | C] () -- C:\Users\Sigrid\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.27 19:20:59 | 000,554,496 | ---- | C] () -- C:\windows\SysWow64\dvmsg.dll
[2011.09.27 16:28:49 | 000,000,432 | ---- | C] () -- C:\windows\BRWMARK.INI
[2011.09.27 16:28:49 | 000,000,034 | ---- | C] () -- C:\windows\SysWow64\BD2030.DAT
[2011.09.16 10:54:44 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011.09.16 10:54:44 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011.09.16 10:54:44 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011.09.16 10:54:44 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2011.09.05 08:57:34 | 000,366,136 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2011.09.04 14:04:01 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfdbga.sys
[2011.09.04 13:52:36 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.09.04 13:49:48 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2011.09.04 13:48:47 | 000,025,984 | ---- | C] () -- C:\windows\snuvcdsm.exe
[2011.09.04 13:48:47 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2011.08.30 10:08:54 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\HPUsageTrackingSDK.exe.hpsign
[2011.08.30 10:08:52 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\CogHPUsageTrackingReport.dll.hpsign
[2011.08.30 10:08:48 | 000,021,840 | ---- | C] () -- C:\windows\SysWow64\CogHPUsageTrackingReport.dll
[2011.08.24 14:55:30 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2011.08.24 14:30:30 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign
[2011.05.30 20:58:34 | 000,185,168 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll
[2011.05.30 20:58:34 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll.hpsign
[2011.05.03 19:44:05 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfccea.sys
[2011.05.03 19:19:46 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfccdc.sys
[2011.05.03 18:49:07 | 001,594,122 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.03.28 20:10:12 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
[2011.03.17 18:05:12 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011.02.25 23:32:12 | 000,012,144 | ---- | C] () -- C:\windows\HPun2430Version.dll
[2011.02.21 09:37:16 | 000,038,224 | ---- | C] () -- C:\windows\SysWow64\CoHpCasl.exe
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.12.13 20:59:37 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\.minecraft
[2012.01.16 11:01:01 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\A1 Servicecenter
[2013.02.05 09:12:44 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\Amazon
[2011.09.15 19:55:26 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\DigitalPersona
[2012.06.03 18:45:26 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\DVDVideoSoft
[2012.10.21 20:44:56 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\FreeVideoConverter
[2011.09.17 21:59:56 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\IDT
[2012.05.24 22:02:17 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\ImgBurn
[2012.01.28 15:05:12 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\IrfanView
[2012.01.16 11:27:09 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\mquadr.at
[2011.10.09 20:53:31 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\OLYMPUS
[2011.09.17 21:14:51 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\OpenOffice.org
[2012.06.23 08:06:38 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\Origin
[2013.02.05 00:12:47 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\QuickScan
[2011.10.18 18:43:09 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\Samsung
[2011.09.15 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\Synaptics
[2011.09.17 21:03:26 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\Thunderbird
[2011.09.27 19:24:33 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\Tobit
[2013.02.05 08:19:36 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\uTorrent
[2012.04.23 00:15:06 | 000,000,000 | ---D | M] -- C:\Users\Sigrid\AppData\Roaming\Visan
========== Purity Check ==========
< End of report >
Code:
ATTFilter OTL Extras logfile created on: 06.02.2013 17:33:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sigrid\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,94 Gb Total Physical Memory | 1,34 Gb Available Physical Memory | 34,10% Memory free
7,87 Gb Paging File | 4,70 Gb Available in Paging File | 59,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442,57 Gb Total Space | 360,71 Gb Free Space | 81,50% Space Free | Partition Type: NTFS
Drive E: | 17,90 Gb Total Space | 2,72 Gb Free Space | 15,19% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,12 Gb Free Space | 42,60% Space Free | Partition Type: FAT32
Computer Name: SIGRID-HP | User Name: Sigrid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19850CB9-D072-468F-9F19-7A51CAC6CA8A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3E162A04-A4CB-4DD9-B1FA-21CB20557A6B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{92D21149-C10A-48CF-A1AA-4271503E5AFB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A4522E36-05CF-4099-B431-21A021329DDD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DBF3722-E668-452C-9C25-D43FB1ADACE7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{13C5E228-2EE3-4F21-BEAE-B06A0CE11F12}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{20EA26EF-1884-46B7-9481-39CF6B7A9A97}" = protocol=17 | dir=in | app=c:\program files (x86)\a1\a1 webassistent\a1breitband.exe |
"{297B61F5-3E51-40D9-99B2-CDAA649F9FF1}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{378F5AE0-29BE-4FB1-A025-622573ED7744}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3F0AC9E2-C588-4500-9294-EEE86A35ADF3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{48ED2D7E-DD5A-4D88-A03B-A11A4CE877B5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5171C3C2-172A-4F2F-A788-06A321D31B56}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{57E8F132-15BD-431A-9BAA-1146B838C928}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{59CD49BA-0989-4048-B260-51604FA0593D}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{5D4D9A57-BD4C-44E4-BEF4-AA031320437D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6BF5ED7F-5CA3-467E-BBC5-F5F2E6788874}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe |
"{8D16E8B9-D64E-4A14-BA02-8B46A966D1E8}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8ED94668-C5DE-4616-8750-B98B4A2A6B58}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{95A344D3-1429-470D-B4CA-229884D51356}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{9EFD2F86-2FFC-4C49-A085-60D3171A2140}" = protocol=6 | dir=in | app=c:\program files (x86)\a1\a1 webassistent\a1breitband.exe |
"{A4FFD0DA-718E-4E5C-8B2A-C5FA5F6FCE95}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\devicesetup.exe |
"{AF338039-A379-4990-B285-CA1D7A670766}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CC0A0ABE-5B68-4A8A-85CF-8C8F46D846CD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D4A8C3C8-98E0-42E1-AACD-C7E83F189836}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{E959D829-80FE-48EF-BD51-4B3A90BC0B05}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{F124DF39-7C8D-4009-8140-CD46127956C0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F188D9B5-C7AE-45DE-B9DD-995DC0669C0D}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"TCP Query User{91BEFA86-87DF-4B4A-9F2F-50E90DC1C36C}C:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe |
"TCP Query User{E56F9F8C-9300-480C-A150-D192D4C366F2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{F1045235-4AF1-4D85-A27C-722DBFDC5B7B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3B46DABF-7FA5-4177-9B85-BF612FEE239C}C:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe |
"UDP Query User{640A4423-226C-4E09-8FBF-51D23A623DB3}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{CC10F49D-45F9-4749-99AC-51C58A30B99B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{555ECC75-AB3B-6434-8900-2BBA4F91F107}" = ccc-utility64
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63E42DE7-C468-31B0-E373-173C67C87B88}" = ATI Catalyst Install Manager
"{65C1BEAD-B50B-498C-BB6B-CDE4F30584B1}" = HP 3D DriveGuard
"{697E5298-CF76-43A3-AC9D-6AE2FA0F2B43}" = Validity Fingerprint Sensor Driver
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A25B75A1-D9B5-43FC-86F7-6E85DC5AB37E}" = Studie zur Verbesserung von HP Photosmart 5510 series Produkten
"{AB6268C0-EDA4-46C3-8A1C-11D86A5A8E93}" = HP Photosmart 5510 series - Grundlegende Software für das Gerät
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B617B439-87A2-4109-94A6-BD768B259F83}" = HP ProtectTools Security Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D9355D03-2C06-401B-8A16-F6500379AE21}" = HP Power Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}" = WMV9/VC-1 Video Playback
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"CCleaner" = CCleaner
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08F10409-00BB-8843-4813-37FDDD972CB1}" = CCC Help Chinese Standard
"{08FB6F00-7D8D-5474-B70D-607638405BEB}" = CCC Help Korean
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{12379137-5A34-8311-A00C-4571E468F507}" = CCC Help Polish
"{1392513C-F92A-2893-E263-071E943CB4B8}" = Catalyst Control Center InstallProxy
"{1529490E-DC67-A7DA-E7FE-789B929E67F0}" = CCC Help Norwegian
"{18F4179A-385F-40EE-AE2D-FA0E1BE62753}" = HP Software Framework
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2E07A6AE-C2EC-05DB-8344-B562E5D9E341}" = CCC Help Swedish
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}" = HP SoftPaq Download Manager
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E918CE9-BDA6-282D-0E19-E11DF8004ABE}" = CCC Help Thai
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{4441B01C-0AF2-6EE7-CDB3-AD0DB41E7147}" = CCC Help Hungarian
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{668643A5-48DD-B0E9-62E1-1FDA18D54F66}" = CCC Help Finnish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69EA3784-E961-76A2-6C11-7B83AA50E56A}" = CCC Help Czech
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}" = HP Documentation
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}" = HP QuickWeb
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71543470-E3F8-6A06-08C8-783CD286D2BA}" = CCC Help German
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{737DCE46-824C-40BA-8776-81D9D1DB04AB}" = Catalyst Control Center - Branding
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{76BAC71B-00A7-BBFA-5DAE-EEB0DF9F4098}" = CCC Help English
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A6B4340-7090-418F-8976-EE9650B35550}" = HP Connection Manager
"{7CF1347C-61F6-C495-127C-912FD6CB432D}" = CCC Help Japanese
"{801EAD7A-7202-4BE4-84A1-299202AD17C0}" = HP ESU for Microsoft Windows 7
"{80C45B94-2BA0-8E23-95A7-8A9FCD836EFD}" = PX Profile Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85BE1D9F-FC67-E84E-F73A-BC7125E3B717}" = CCC Help Portuguese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.2.0.9
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A1EFCBD2-B171-E24D-FAD2-4E711A312DEF}" = CCC Help Danish
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB9F8790-4ECB-1BFA-1B80-21DCD40664C3}" = CCC Help Greek
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{AE6BF609-EF6A-8764-85EE-6CC65602D88E}" = CCC Help Chinese Traditional
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B26B64E8-DB83-7904-2DF9-F92A7ABC14D9}" = Catalyst Control Center Localization All
"{B3E31950-C92F-BCD9-963D-A520887A262A}" = CCC Help Turkish
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BE211EBE-AC92-515C-D122-A9DD0BC9FFA9}" = Catalyst Control Center
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C6CD49BC-E6A5-F247-0489-F3188F300A8E}" = Catalyst Control Center Profiles Mobile
"{C7C60D93-E5B7-82D7-44A4-E3EE404B56A3}" = CCC Help Dutch
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBD548E9-E421-7B51-5732-2F63B37589E2}" = CCC Help French
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2131BFA-A0D6-4FDE-8614-75B07A9B15EE}" = Windows Live UX Platform Language Pack
"{D2A2E5CD-801A-4B8D-8119-F79449A09B67}" = HP System Default Settings
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7922D23-642E-0649-A3C9-38F9E0FA263E}" = CCC Help Russian
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{DF63FA79-75AE-45D6-715E-81E92F134702}" = CCC Help Italian
"{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}" = HP Photosmart 5510 series Hilfe
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2531547-0789-690E-9F12-3EDBDBC64DA8}" = CCC Help Spanish
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F07E6C5F-6AE1-72B3-8659-08E2ABB86DF8}" = Catalyst Control Center Graphics Previews Common
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aonInternetschutz.3" = A1 Internetschutz 2.0.69
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ImgBurn" = ImgBurn
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"PDF Complete" = PDF Complete Special Edition
"Picasa 3" = Picasa 3
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"VIP Access SDK" = VIP Access SDK (1.0.1.5)
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.02.2013 19:21:44 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 05.02.2013 19:21:44 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 05.02.2013 19:21:44 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 05.02.2013 19:21:44 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 05.02.2013 19:21:44 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 06.02.2013 11:22:30 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 06.02.2013 11:22:30 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 06.02.2013 12:30:06 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 06.02.2013 12:30:06 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 06.02.2013 12:30:06 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
[ Hewlett-Packard Events ]
Error - 22.06.2012 09:09:55 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 22.06.2012 09:14:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 22.06.2012 09:16:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 22.06.2012 09:24:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 22.06.2012 09:30:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 22.06.2012 09:36:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 23.06.2012 14:57:06 | Computer Name = Sigrid-HP | Source = HPSFMsgr.exe | ID = 2000
Description =
Error - 29.06.2012 04:42:40 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 29.06.2012 04:51:24 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 26.08.2012 10:23:50 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description =
[ HP Connection Manager Events ]
Error - 06.02.2013 12:39:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:39:34.556|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:40:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:40:34.549|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:41:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:41:34.549|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:42:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:42:34.548|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:43:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:43:34.550|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:44:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:44:34.547|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:45:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:45:34.551|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:46:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:46:34.549|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:47:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:47:34.549|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 06.02.2013 12:48:34 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/06 17:48:34.552|00001718|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
[ HP Power Assistant Events ]
Error - 24.11.2012 08:43:30 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 16.12.2012 06:22:27 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 102UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 22.12.2012 03:39:01 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Fensterthread der Systemereignisse konnte nicht erstellt werden.
Error - 22.12.2012 15:18:31 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 27.12.2012 12:39:49 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 102UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 28.12.2012 17:03:47 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 28.12.2012 17:03:47 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 04.01.2013 15:18:12 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 11.01.2013 15:00:33 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 11.01.2013 15:00:34 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
[ HP Software Framework Events ]
Error - 02.11.2012 09:43:55 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.11.02 14:43:55.051|0000115C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 05.12.2012 20:03:15 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.06 01:03:14.340|00001728|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 23.12.2012 18:25:46 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.23 23:25:46.332|00001900|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 24.12.2012 09:53:36 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.24 14:53:36.304|00000304|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 24.12.2012 09:53:36 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.24 14:53:36.492|00000304|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Der Objektverweis wurde
nicht auf eine Objektinstanz festgelegt.
Error - 26.12.2012 08:12:09 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.26 13:12:09.701|00001B4C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 26.12.2012 08:12:09 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.26 13:12:09.795|00001B4C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Der Objektverweis wurde
nicht auf eine Objektinstanz festgelegt.
Error - 25.01.2013 20:35:49 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2013.01.26 01:35:49.392|000016D0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 25.01.2013 20:35:49 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2013.01.26 01:35:49.626|000016D0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Der Objektverweis wurde
nicht auf eine Objektinstanz festgelegt.
Error - 29.01.2013 08:55:32 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2013.01.29 13:55:32.363|00000A9C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
[ OSession Events ]
Error - 13.10.2011 03:59:50 | Computer Name = Sigrid-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 335
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 05.02.2013 07:26:06 | Computer Name = Sigrid-HP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 05.02.2013 07:28:11 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10016
Description =
Error - 05.02.2013 12:42:29 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10010
Description =
Error - 05.02.2013 17:39:25 | Computer Name = Sigrid-HP | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 05.02.2013 17:40:16 | Computer Name = Sigrid-HP | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 05.02.2013 17:41:16 | Computer Name = Sigrid-HP | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "Apple Mobile Device" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
ist fehlgeschlagen. Fehler: %%1056
Error - 05.02.2013 19:21:47 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10010
Description =
Error - 06.02.2013 10:52:00 | Computer Name = Sigrid-HP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 06.02.2013 10:52:06 | Computer Name = Sigrid-HP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 06.02.2013 10:54:22 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10016
Description =
< End of report >
Danke erst mal ! |
|
07.02.2013, 12:11
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Hallo und
__________________ Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Zitat:
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner? Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ |
|
07.02.2013, 18:39
| #3 |
| | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Hallo, danke erst mal für dein Bemühen
__________________ Ich bin absoluter Privatanwender, die ProfessionalEdition hab ich von meiner Schwester, die sie über die Uni bezog. Da sie sie selbst jedoch nicht verwendet, bin ich in den Genuss gekommen. So, nun der logfile des anti-rootkit Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org
Database version: v2013.02.07.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Sigrid :: SIGRID-HP [administrator]
07.02.2013 18:27:44
mbar-log-2013-02-07 (18-27-44).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31032
Time elapsed: 13 minute(s), 15 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
08.02.2013, 10:56
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus. aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2013, 19:35
| #5 |
| | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Hier der Logfile von Gmer (erste Versuch scheiterte, beim zweiten war leider der Internetschutz (automatisch) wieder an, der dritte war erfolgreich) Code:
ATTFilter GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-08 19:25:09
Windows 6.1.7601 Service Pack 1 x64
Running: gmer_2.0.18454.exe
---- Registry - GMER 2.0 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86@b05ce5fff74a 0x6C 0x73 0x40 0xF4 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86@60a10afb72b3 0xF9 0xCC 0x30 0x9B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86@fca13e71b581 0xDA 0x36 0x03 0x54 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86@44f45998cec3 0xCA 0x5A 0xBC 0xCF ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86@b05ce5fff74a 0x6C 0x73 0x40 0xF4 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86@60a10afb72b3 0xF9 0xCC 0x30 0x9B ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86@fca13e71b581 0xDA 0x36 0x03 0x54 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86@44f45998cec3 0xCA 0x5A 0xBC 0xCF ...
---- EOF - GMER 2.0 ----
Und hier der logfile von aswMBR (ich hab nur der quickscan laufen lassen, weil der so angehakt war und ich nichts verändern wollte. Sollte ich noch einen gesamtscan von C machen, bitte einfach sagen) Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-08 19:36:32
-----------------------------
19:36:32.933 OS Version: Windows x64 6.1.7601 Service Pack 1
19:36:32.933 Number of processors: 4 586 0x2A07
19:36:32.933 ComputerName: SIGRID-HP UserName: Sigrid
19:36:34.852 Initialize success
19:40:55.489 AVAST engine defs: 13020800
19:45:35.610 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:45:35.613 Disk 0 Vendor: Hitachi_ JF3O Size: 476940MB BusType: 3
19:45:36.044 Disk 0 MBR read successfully
19:45:36.046 Disk 0 MBR scan
19:45:36.049 Disk 0 Windows 7 default MBR code
19:45:36.153 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
19:45:36.296 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 453189 MB offset 616448
19:45:36.394 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 18327 MB offset 928747520
19:45:36.471 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 5115 MB offset 966281216
19:45:36.896 Disk 0 scanning C:\windows\system32\drivers
19:47:31.914 Service scanning
19:48:10.519 Modules scanning
19:48:10.541 Disk 0 trace - called modules:
19:48:10.639 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
19:48:10.642 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800510f060]
19:48:10.645 3 CLASSPNP.SYS[fffff8800189c43f] -> nt!IofCallDriver -> [0xfffffa8004fc5a60]
19:48:10.649 5 hpdskflt.sys[fffff88001843189] -> nt!IofCallDriver -> [0xfffffa8004b78040]
19:48:10.652 7 ACPI.sys[fffff88000f9e7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b7e050]
19:48:12.523 AVAST engine scan C:\windows
19:52:03.877 AVAST engine scan C:\windows\system32
20:06:33.197 AVAST engine scan C:\windows\system32\drivers
20:06:57.020 AVAST engine scan C:\Users\Sigrid
20:16:11.687 AVAST engine scan C:\ProgramData
20:18:15.139 Scan finished successfully
20:20:26.273 Disk 0 MBR has been saved successfully to "C:\Users\Sigrid\Desktop\MBR.dat"
20:20:26.289 The log file has been saved successfully to "C:\Users\Sigrid\Desktop\aswMBR.txt"
|
|
10.02.2013, 19:28
| #6 |
| | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Hallo cosinus, wollt noch erwähnen, dass ich seit einiger zeit beim hochfahren des laptops immer die meldung bekomme "selfupdate funktioniert nicht mehr". hab ich da irgendwo ein ´totes´ programm oder kann das auch ein/der virus sein? wie find ich das raus, um welches update es sich da handelt? |
|
11.02.2013, 09:18
| #7 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefundenZitat:
Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.02.2013, 10:06
| #8 |
| | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Hier der logfile vom TDSSKiller Code:
ATTFilter 09:37:13.0413 8236 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:37:13.0897 8236 ============================================================
09:37:13.0897 8236 Current date / time: 2013/02/11 09:37:13.0897
09:37:13.0897 8236 SystemInfo:
09:37:13.0897 8236
09:37:13.0897 8236 OS Version: 6.1.7601 ServicePack: 1.0
09:37:13.0897 8236 Product type: Workstation
09:37:13.0897 8236 ComputerName: SIGRID-HP
09:37:13.0897 8236 UserName: Sigrid
09:37:13.0897 8236 Windows directory: C:\windows
09:37:13.0897 8236 System windows directory: C:\windows
09:37:13.0897 8236 Running under WOW64
09:37:13.0897 8236 Processor architecture: Intel x64
09:37:13.0897 8236 Number of processors: 4
09:37:13.0897 8236 Page size: 0x1000
09:37:13.0897 8236 Boot type: Normal boot
09:37:13.0897 8236 ============================================================
09:37:14.0958 8236 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:37:14.0973 8236 ============================================================
09:37:14.0973 8236 \Device\Harddisk0\DR0:
09:37:14.0973 8236 MBR partitions:
09:37:14.0973 8236 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
09:37:14.0973 8236 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x37522800
09:37:14.0973 8236 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x375B9000, BlocksNum 0x23CB800
09:37:14.0973 8236 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39984800, BlocksNum 0x9FD800
09:37:14.0973 8236 ============================================================
09:37:15.0067 8236 C: <-> \Device\Harddisk0\DR0\Partition2
09:37:15.0223 8236 E: <-> \Device\Harddisk0\DR0\Partition3
09:37:15.0238 8236 F: <-> \Device\Harddisk0\DR0\Partition4
09:37:15.0285 8236 ============================================================
09:37:15.0285 8236 Initialize success
09:37:15.0285 8236 ============================================================
09:37:53.0662 3020 ============================================================
09:37:53.0662 3020 Scan started
09:37:53.0662 3020 Mode: Manual; SigCheck; TDLFS;
09:37:53.0662 3020 ============================================================
09:37:53.0849 3020 ================ Scan system memory ========================
09:37:53.0849 3020 System memory - ok
09:37:53.0849 3020 ================ Scan services =============================
09:37:54.0130 3020 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
09:37:54.0286 3020 1394ohci - ok
09:37:54.0317 3020 [ A3D3A95303269011060BBCFB97CA1DD5 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
09:37:54.0364 3020 Accelerometer - ok
09:37:54.0427 3020 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
09:37:54.0473 3020 ACPI - ok
09:37:54.0520 3020 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
09:37:54.0614 3020 AcpiPmi - ok
09:37:54.0754 3020 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:37:54.0754 3020 AdobeFlashPlayerUpdateSvc - ok
09:37:54.0785 3020 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
09:37:54.0817 3020 adp94xx - ok
09:37:54.0848 3020 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
09:37:54.0879 3020 adpahci - ok
09:37:54.0895 3020 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
09:37:54.0910 3020 adpu320 - ok
09:37:54.0926 3020 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
09:37:55.0082 3020 AeLookupSvc - ok
09:37:55.0191 3020 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
09:37:55.0347 3020 AESTFilters - ok
09:37:55.0394 3020 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\windows\syswow64\drivers\Afc.sys
09:37:55.0425 3020 Afc - ok
09:37:55.0472 3020 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
09:37:55.0534 3020 AFD - ok
09:37:55.0581 3020 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
09:37:55.0643 3020 AgereSoftModem - ok
09:37:55.0690 3020 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
09:37:55.0706 3020 agp440 - ok
09:37:55.0737 3020 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
09:37:55.0909 3020 ALG - ok
09:37:55.0955 3020 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
09:37:55.0987 3020 aliide - ok
09:37:56.0018 3020 [ D5518E3BBFD69520FA3BDD3D05B5B458 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
09:37:56.0158 3020 AMD External Events Utility - ok
09:37:56.0174 3020 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
09:37:56.0189 3020 amdide - ok
09:37:56.0205 3020 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
09:37:56.0267 3020 AmdK8 - ok
09:37:56.0657 3020 [ BE85FDC481F3BFBC036BB5D96DBBD12D ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
09:37:57.0016 3020 amdkmdag - ok
09:37:57.0063 3020 [ 8E0146E61409C46855F1DD008EAEDD5D ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
09:37:57.0141 3020 amdkmdap - ok
09:37:57.0188 3020 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
09:37:57.0235 3020 AmdPPM - ok
09:37:57.0281 3020 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
09:37:57.0313 3020 amdsata - ok
09:37:57.0328 3020 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
09:37:57.0359 3020 amdsbs - ok
09:37:57.0359 3020 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
09:37:57.0375 3020 amdxata - ok
09:37:57.0422 3020 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
09:37:57.0531 3020 AppID - ok
09:37:57.0562 3020 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
09:37:57.0671 3020 AppIDSvc - ok
09:37:57.0703 3020 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
09:37:57.0796 3020 Appinfo - ok
09:37:57.0937 3020 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:37:58.0015 3020 Apple Mobile Device - ok
09:37:58.0093 3020 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\windows\System32\appmgmts.dll
09:37:58.0155 3020 AppMgmt - ok
09:37:58.0186 3020 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
09:37:58.0217 3020 arc - ok
09:37:58.0233 3020 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
09:37:58.0264 3020 arcsas - ok
09:37:58.0311 3020 [ 357635F16D28558C50870F4EF8AA4712 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
09:37:58.0342 3020 ARCVCAM - ok
09:37:58.0451 3020 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:37:58.0514 3020 aspnet_state - ok
09:37:58.0545 3020 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
09:37:58.0607 3020 AsyncMac - ok
09:37:58.0654 3020 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
09:37:58.0701 3020 atapi - ok
09:37:58.0717 3020 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
09:37:58.0732 3020 AthBTPort - ok
09:37:58.0795 3020 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
09:37:58.0888 3020 Atheros Bt&Wlan Coex Agent - ok
09:37:58.0919 3020 [ 684B36CA4067DA7000CF95771A3CF0E7 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
09:37:58.0935 3020 AtherosSvc - ok
09:37:59.0029 3020 [ 675B31FCFAF319C0CBB908FEB6B90471 ] athr C:\windows\system32\DRIVERS\athrx.sys
09:37:59.0138 3020 athr - ok
09:37:59.0263 3020 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
09:37:59.0419 3020 AudioEndpointBuilder - ok
09:37:59.0434 3020 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
09:37:59.0465 3020 AudioSrv - ok
09:37:59.0528 3020 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
09:37:59.0621 3020 AxInstSV - ok
09:37:59.0668 3020 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
09:37:59.0731 3020 b06bdrv - ok
09:37:59.0762 3020 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
09:37:59.0809 3020 b57nd60a - ok
09:37:59.0840 3020 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
09:37:59.0918 3020 BDESVC - ok
09:37:59.0949 3020 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
09:38:00.0058 3020 Beep - ok
09:38:00.0105 3020 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
09:38:00.0277 3020 BFE - ok
09:38:00.0292 3020 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
09:38:00.0433 3020 BITS - ok
09:38:00.0464 3020 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
09:38:00.0511 3020 blbdrive - ok
09:38:00.0573 3020 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:38:00.0651 3020 Bonjour Service - ok
09:38:00.0698 3020 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
09:38:00.0745 3020 bowser - ok
09:38:00.0776 3020 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
09:38:00.0854 3020 BrFiltLo - ok
09:38:00.0869 3020 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
09:38:00.0901 3020 BrFiltUp - ok
09:38:00.0947 3020 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
09:38:01.0057 3020 Browser - ok
09:38:01.0088 3020 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
09:38:01.0119 3020 Brserid - ok
09:38:01.0150 3020 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
09:38:01.0166 3020 BrSerWdm - ok
09:38:01.0181 3020 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
09:38:01.0228 3020 BrUsbMdm - ok
09:38:01.0244 3020 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
09:38:01.0275 3020 BrUsbSer - ok
09:38:01.0306 3020 [ 227C8F308DE4AF4808E587465CEAB838 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
09:38:01.0322 3020 BTATH_A2DP - ok
09:38:01.0353 3020 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\windows\system32\DRIVERS\btath_bus.sys
09:38:01.0369 3020 BTATH_BUS - ok
09:38:01.0369 3020 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\windows\system32\DRIVERS\btath_hcrp.sys
09:38:01.0384 3020 BTATH_HCRP - ok
09:38:01.0415 3020 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
09:38:01.0431 3020 BTATH_LWFLT - ok
09:38:01.0447 3020 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\windows\system32\DRIVERS\btath_rcp.sys
09:38:01.0462 3020 BTATH_RCP - ok
09:38:01.0493 3020 [ FF8B065F96E4D9525AA7227299FBD05C ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
09:38:01.0509 3020 BtFilter - ok
09:38:01.0556 3020 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
09:38:01.0665 3020 BthEnum - ok
09:38:01.0696 3020 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
09:38:01.0727 3020 BTHMODEM - ok
09:38:01.0759 3020 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
09:38:01.0805 3020 BthPan - ok
09:38:01.0852 3020 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
09:38:01.0930 3020 BTHPORT - ok
09:38:01.0961 3020 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
09:38:02.0024 3020 bthserv - ok
09:38:02.0055 3020 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
09:38:02.0133 3020 BTHUSB - ok
09:38:02.0164 3020 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
09:38:02.0211 3020 cdfs - ok
09:38:02.0242 3020 cdrbsdrv - ok
09:38:02.0273 3020 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\drivers\cdrom.sys
09:38:02.0367 3020 cdrom - ok
09:38:02.0414 3020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
09:38:02.0554 3020 CertPropSvc - ok
09:38:02.0585 3020 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
09:38:02.0648 3020 circlass - ok
09:38:02.0663 3020 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
09:38:02.0710 3020 CLFS - ok
09:38:02.0773 3020 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:38:02.0804 3020 clr_optimization_v2.0.50727_32 - ok
09:38:02.0851 3020 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:38:02.0897 3020 clr_optimization_v2.0.50727_64 - ok
09:38:02.0960 3020 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:38:03.0053 3020 clr_optimization_v4.0.30319_32 - ok
09:38:03.0069 3020 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:38:03.0085 3020 clr_optimization_v4.0.30319_64 - ok
09:38:03.0116 3020 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
09:38:03.0147 3020 CmBatt - ok
09:38:03.0163 3020 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
09:38:03.0194 3020 cmdide - ok
09:38:03.0241 3020 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\windows\system32\Drivers\cng.sys
09:38:03.0303 3020 CNG - ok
09:38:03.0350 3020 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
09:38:03.0381 3020 Compbatt - ok
09:38:03.0412 3020 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
09:38:03.0459 3020 CompositeBus - ok
09:38:03.0475 3020 COMSysApp - ok
09:38:03.0490 3020 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
09:38:03.0490 3020 crcdisk - ok
09:38:03.0521 3020 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
09:38:03.0615 3020 CryptSvc - ok
09:38:03.0662 3020 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\windows\system32\drivers\csc.sys
09:38:03.0740 3020 CSC - ok
09:38:03.0771 3020 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\windows\System32\cscsvc.dll
09:38:03.0802 3020 CscService - ok
09:38:03.0833 3020 [ 2E3374F9F0B5A3247B779978980C24CB ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
09:38:03.0927 3020 DAMDrv - ok
09:38:03.0958 3020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
09:38:04.0005 3020 DcomLaunch - ok
09:38:04.0052 3020 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
09:38:04.0192 3020 defragsvc - ok
09:38:04.0239 3020 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
09:38:04.0333 3020 DfsC - ok
09:38:04.0364 3020 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
09:38:04.0395 3020 Dhcp - ok
09:38:04.0411 3020 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
09:38:04.0504 3020 discache - ok
09:38:04.0535 3020 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
09:38:04.0535 3020 Disk - ok
09:38:04.0567 3020 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
09:38:04.0598 3020 Dnscache - ok
09:38:04.0629 3020 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
09:38:04.0707 3020 dot3svc - ok
09:38:04.0847 3020 [ 0B9134A45E88DCF0657382F277242F62 ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
09:38:04.0925 3020 DpHost - ok
09:38:04.0972 3020 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
09:38:05.0081 3020 DPS - ok
09:38:05.0113 3020 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
09:38:05.0128 3020 drmkaud - ok
09:38:05.0175 3020 [ AE2661B8ADFA325AF0EA096D969533F3 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
09:38:05.0237 3020 DXGKrnl - ok
09:38:05.0253 3020 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
09:38:05.0300 3020 EapHost - ok
09:38:05.0393 3020 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
09:38:05.0487 3020 ebdrv - ok
09:38:05.0503 3020 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
09:38:05.0549 3020 EFS - ok
09:38:05.0581 3020 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
09:38:05.0674 3020 ehRecvr - ok
09:38:05.0705 3020 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
09:38:05.0768 3020 ehSched - ok
09:38:05.0815 3020 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
09:38:05.0861 3020 elxstor - ok
09:38:05.0893 3020 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
09:38:05.0924 3020 ErrDev - ok
09:38:05.0955 3020 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
09:38:06.0080 3020 EventSystem - ok
09:38:06.0127 3020 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
09:38:06.0173 3020 exfat - ok
09:38:06.0189 3020 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
09:38:06.0236 3020 fastfat - ok
09:38:06.0298 3020 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
09:38:06.0376 3020 Fax - ok
09:38:06.0392 3020 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
09:38:06.0439 3020 fdc - ok
09:38:06.0470 3020 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
09:38:06.0563 3020 fdPHost - ok
09:38:06.0579 3020 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
09:38:06.0704 3020 FDResPub - ok
09:38:06.0719 3020 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
09:38:06.0735 3020 FileInfo - ok
09:38:06.0735 3020 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
09:38:06.0797 3020 Filetrace - ok
09:38:07.0000 3020 [ A814979613C50457ED25FD60C872EBBC ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
09:38:07.0265 3020 FLCDLOCK - ok
09:38:07.0328 3020 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
09:38:07.0375 3020 flpydisk - ok
09:38:07.0421 3020 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
09:38:07.0468 3020 FltMgr - ok
09:38:07.0499 3020 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
09:38:07.0655 3020 FontCache - ok
09:38:07.0702 3020 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:38:07.0749 3020 FontCache3.0.0.0 - ok
09:38:07.0780 3020 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
09:38:07.0796 3020 FsDepends - ok
09:38:07.0843 3020 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
09:38:07.0936 3020 Fs_Rec - ok
09:38:07.0983 3020 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
09:38:07.0999 3020 fvevol - ok
09:38:08.0030 3020 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
09:38:08.0045 3020 gagp30kx - ok
09:38:08.0108 3020 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
09:38:08.0170 3020 GEARAspiWDM - ok
09:38:08.0248 3020 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
09:38:08.0311 3020 gpsvc - ok
09:38:08.0420 3020 [ A35D26CE801B70039E9B00E0D6CA9807 ] GuardX C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe
09:38:08.0498 3020 GuardX - ok
09:38:08.0529 3020 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:38:08.0545 3020 gusvc - ok
09:38:08.0560 3020 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
09:38:08.0607 3020 hcw85cir - ok
09:38:08.0638 3020 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
09:38:08.0716 3020 HdAudAddService - ok
09:38:08.0732 3020 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
09:38:08.0763 3020 HDAudBus - ok
09:38:08.0779 3020 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
09:38:08.0810 3020 HidBatt - ok
09:38:08.0825 3020 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
09:38:08.0857 3020 HidBth - ok
09:38:08.0872 3020 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
09:38:08.0903 3020 HidIr - ok
09:38:08.0919 3020 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
09:38:09.0013 3020 hidserv - ok
09:38:09.0059 3020 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
09:38:09.0075 3020 HidUsb - ok
09:38:09.0122 3020 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
09:38:09.0200 3020 hkmsvc - ok
09:38:09.0247 3020 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
09:38:09.0340 3020 HomeGroupListener - ok
09:38:09.0387 3020 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
09:38:09.0418 3020 HomeGroupProvider - ok
09:38:09.0465 3020 [ E8F8A94109429A327521C83AE2C25941 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
09:38:09.0527 3020 HP Power Assistant Service - ok
09:38:09.0668 3020 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
09:38:09.0746 3020 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
09:38:09.0746 3020 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
09:38:09.0824 3020 [ C5D2F308E1C12A5C328EF549696DBC05 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
09:38:10.0245 3020 hpCMSrv - ok
09:38:10.0307 3020 [ A9FC4D7EA174BBF5A675B299FFAD80A2 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
09:38:10.0448 3020 HPDayStarterService - ok
09:38:10.0510 3020 [ B7382BEC806B7B00FC84B3E2061FF48E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
09:38:10.0651 3020 HPDrvMntSvc.exe - ok
09:38:10.0682 3020 [ 4EC5F601B46C00DF87323CD58E8AA1A3 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
09:38:10.0760 3020 hpdskflt - ok
09:38:10.0807 3020 [ 4968C0728E257B3B6210244A9CDE2A08 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
09:38:11.0103 3020 hpHotkeyMonitor - ok
09:38:11.0134 3020 [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
09:38:11.0134 3020 HpqKbFiltr - ok
09:38:11.0197 3020 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
09:38:11.0571 3020 hpqwmiex - ok
09:38:11.0602 3020 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
09:38:11.0618 3020 HpSAMD - ok
09:38:11.0649 3020 [ 3A63CD2EAC2188CF2660A8E8DA701AB7 ] hpsrv C:\windows\system32\Hpservice.exe
09:38:11.0727 3020 hpsrv - ok
09:38:11.0789 3020 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
09:38:11.0867 3020 HTTP - ok
09:38:11.0899 3020 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
09:38:11.0914 3020 hwpolicy - ok
09:38:11.0977 3020 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
09:38:11.0992 3020 i8042prt - ok
09:38:12.0055 3020 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
09:38:12.0070 3020 iaStor - ok
09:38:12.0117 3020 [ 117FF657E0D9BBD61B5C3E71E63D3919 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:38:12.0133 3020 IAStorDataMgrSvc - ok
09:38:12.0164 3020 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
09:38:12.0179 3020 iaStorV - ok
09:38:12.0242 3020 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:38:12.0273 3020 idsvc - ok
09:38:12.0289 3020 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
09:38:12.0304 3020 iirsp - ok
09:38:12.0335 3020 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
09:38:12.0460 3020 IKEEXT - ok
09:38:12.0491 3020 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
09:38:12.0569 3020 IntcDAud - ok
09:38:12.0616 3020 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
09:38:12.0663 3020 intelide - ok
09:38:12.0881 3020 [ EFE5A0AF39A8E179624117C521F1E012 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys
09:38:13.0256 3020 intelkmd - ok
09:38:13.0287 3020 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
09:38:13.0318 3020 intelppm - ok
09:38:13.0349 3020 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
09:38:13.0396 3020 IPBusEnum - ok
09:38:13.0443 3020 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
09:38:13.0490 3020 IpFilterDriver - ok
09:38:13.0537 3020 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
09:38:13.0568 3020 iphlpsvc - ok
09:38:13.0599 3020 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
09:38:13.0615 3020 IPMIDRV - ok
09:38:13.0646 3020 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
09:38:13.0739 3020 IPNAT - ok
09:38:13.0786 3020 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:38:13.0849 3020 iPod Service - ok
09:38:13.0895 3020 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
09:38:13.0973 3020 IRENUM - ok
09:38:14.0020 3020 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
09:38:14.0051 3020 isapnp - ok
09:38:14.0083 3020 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
09:38:14.0129 3020 iScsiPrt - ok
09:38:14.0254 3020 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
09:38:14.0473 3020 jhi_service - ok
09:38:14.0519 3020 [ 0B44199365A69696109AB9A5855E0841 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
09:38:14.0535 3020 JMCR - ok
09:38:14.0566 3020 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
09:38:14.0582 3020 kbdclass - ok
09:38:14.0613 3020 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
09:38:14.0644 3020 kbdhid - ok
09:38:14.0675 3020 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
09:38:14.0675 3020 KeyIso - ok
09:38:14.0722 3020 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
09:38:14.0738 3020 KSecDD - ok
09:38:14.0769 3020 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
09:38:14.0878 3020 KSecPkg - ok
09:38:14.0909 3020 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
09:38:14.0956 3020 ksthunk - ok
09:38:14.0972 3020 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
09:38:15.0065 3020 KtmRm - ok
09:38:15.0112 3020 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
09:38:15.0190 3020 LanmanServer - ok
09:38:15.0221 3020 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
09:38:15.0299 3020 LanmanWorkstation - ok
09:38:15.0346 3020 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
09:38:15.0424 3020 lltdio - ok
09:38:15.0440 3020 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
09:38:15.0502 3020 lltdsvc - ok
09:38:15.0502 3020 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
09:38:15.0549 3020 lmhosts - ok
09:38:15.0596 3020 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:38:15.0923 3020 LMS - ok
09:38:16.0017 3020 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
09:38:16.0064 3020 LSI_FC - ok
09:38:16.0095 3020 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
09:38:16.0111 3020 LSI_SAS - ok
09:38:16.0126 3020 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
09:38:16.0142 3020 LSI_SAS2 - ok
09:38:16.0157 3020 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
09:38:16.0173 3020 LSI_SCSI - ok
09:38:16.0204 3020 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
09:38:16.0251 3020 luafv - ok
09:38:16.0298 3020 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys
09:38:16.0376 3020 MBAMProtector - ok
09:38:16.0423 3020 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:38:16.0657 3020 MBAMScheduler - ok
09:38:16.0703 3020 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:38:17.0015 3020 MBAMService - ok
09:38:17.0140 3020 [ 9B6B1F995F70AD951496088B16BC6782 ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
09:38:17.0421 3020 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - warning
09:38:17.0421 3020 McAfee Endpoint Encryption Agent - detected UnsignedFile.Multi.Generic (1)
09:38:17.0437 3020 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
09:38:17.0499 3020 Mcx2Svc - ok
09:38:17.0515 3020 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
09:38:17.0530 3020 megasas - ok
09:38:17.0578 3020 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
09:38:17.0594 3020 MegaSR - ok
09:38:17.0625 3020 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
09:38:17.0640 3020 MEIx64 - ok
09:38:17.0687 3020 [ 1D0535ABA49C80D20807DB748CA756DF ] MfeEpeOpal C:\windows\system32\drivers\MfeEpeOpal.sys
09:38:17.0718 3020 MfeEpeOpal - ok
09:38:17.0750 3020 [ 01446E52580019F8A9C77BB6840BC1FC ] MfeEpePc C:\windows\system32\drivers\MfeEpePc.sys
09:38:17.0828 3020 MfeEpePc - ok
09:38:17.0921 3020 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
09:38:17.0984 3020 Microsoft Office Groove Audit Service - ok
09:38:17.0999 3020 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
09:38:18.0062 3020 MMCSS - ok
09:38:18.0093 3020 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
09:38:18.0140 3020 Modem - ok
09:38:18.0155 3020 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
09:38:18.0186 3020 monitor - ok
09:38:18.0202 3020 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
09:38:18.0218 3020 mouclass - ok
09:38:18.0249 3020 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
09:38:18.0280 3020 mouhid - ok
09:38:18.0311 3020 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
09:38:18.0358 3020 mountmgr - ok
09:38:18.0389 3020 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
09:38:18.0405 3020 mpio - ok
09:38:18.0420 3020 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
09:38:18.0467 3020 mpsdrv - ok
09:38:18.0498 3020 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
09:38:18.0545 3020 MpsSvc - ok
09:38:18.0592 3020 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
09:38:18.0686 3020 MRxDAV - ok
09:38:18.0717 3020 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
09:38:18.0764 3020 mrxsmb - ok
09:38:18.0779 3020 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
09:38:18.0810 3020 mrxsmb10 - ok
09:38:18.0826 3020 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
09:38:18.0873 3020 mrxsmb20 - ok
09:38:18.0904 3020 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
09:38:18.0920 3020 msahci - ok
09:38:18.0951 3020 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
09:38:18.0966 3020 msdsm - ok
09:38:18.0982 3020 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
09:38:19.0044 3020 MSDTC - ok
09:38:19.0076 3020 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
09:38:19.0107 3020 Msfs - ok
09:38:19.0138 3020 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
09:38:19.0169 3020 mshidkmdf - ok
09:38:19.0185 3020 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
09:38:19.0216 3020 msisadrv - ok
09:38:19.0232 3020 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
09:38:19.0278 3020 MSiSCSI - ok
09:38:19.0278 3020 msiserver - ok
09:38:19.0310 3020 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
09:38:19.0356 3020 MSKSSRV - ok
09:38:19.0372 3020 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
09:38:19.0403 3020 MSPCLOCK - ok
09:38:19.0419 3020 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
09:38:19.0466 3020 MSPQM - ok
09:38:19.0481 3020 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
09:38:19.0512 3020 MsRPC - ok
09:38:19.0544 3020 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
09:38:19.0559 3020 mssmbios - ok
09:38:19.0575 3020 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
09:38:19.0637 3020 MSTEE - ok
09:38:19.0653 3020 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
09:38:19.0684 3020 MTConfig - ok
09:38:19.0700 3020 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
09:38:19.0715 3020 Mup - ok
09:38:19.0762 3020 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
09:38:19.0809 3020 napagent - ok
09:38:19.0871 3020 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
09:38:19.0934 3020 NativeWifiP - ok
09:38:20.0012 3020 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
09:38:20.0043 3020 NDIS - ok
09:38:20.0105 3020 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
09:38:20.0168 3020 NdisCap - ok
09:38:20.0183 3020 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
09:38:20.0277 3020 NdisTapi - ok
09:38:20.0324 3020 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
09:38:20.0386 3020 Ndisuio - ok
09:38:20.0417 3020 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
09:38:20.0480 3020 NdisWan - ok
09:38:20.0511 3020 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
09:38:20.0573 3020 NDProxy - ok
09:38:20.0589 3020 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
09:38:20.0682 3020 NetBIOS - ok
09:38:20.0714 3020 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
09:38:20.0776 3020 NetBT - ok
09:38:20.0792 3020 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
09:38:20.0807 3020 Netlogon - ok
09:38:20.0838 3020 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
09:38:20.0948 3020 Netman - ok
09:38:20.0994 3020 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:38:21.0057 3020 NetMsmqActivator - ok
09:38:21.0072 3020 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:38:21.0088 3020 NetPipeActivator - ok
09:38:21.0119 3020 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
09:38:21.0150 3020 netprofm - ok
09:38:21.0182 3020 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:38:21.0182 3020 NetTcpActivator - ok
09:38:21.0182 3020 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:38:21.0197 3020 NetTcpPortSharing - ok
09:38:21.0228 3020 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
09:38:21.0244 3020 nfrd960 - ok
09:38:21.0275 3020 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
09:38:21.0322 3020 NlaSvc - ok
09:38:21.0369 3020 [ 7983D9201788407C4D1FC4D0BAA04E32 ] nmwcdnsux64 C:\windows\system32\drivers\nmwcdnsux64.sys
09:38:21.0431 3020 nmwcdnsux64 - ok
09:38:21.0447 3020 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
09:38:21.0494 3020 Npfs - ok
09:38:21.0509 3020 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
09:38:21.0587 3020 nsi - ok
09:38:21.0603 3020 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
09:38:21.0650 3020 nsiproxy - ok
09:38:21.0696 3020 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
09:38:21.0743 3020 Ntfs - ok
09:38:21.0759 3020 [ BE703961C6FFE6B8FA2E158CA94F41DC ] NTGUARD C:\Program Files (x86)\A1 Internetschutz\bin\ntguard_x64.sys
09:38:21.0774 3020 NTGUARD - ok
09:38:21.0790 3020 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
09:38:21.0837 3020 Null - ok
09:38:21.0884 3020 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
09:38:21.0915 3020 nvraid - ok
09:38:21.0930 3020 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
09:38:21.0946 3020 nvstor - ok
09:38:21.0977 3020 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
09:38:21.0993 3020 nv_agp - ok
09:38:22.0071 3020 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:38:22.0196 3020 odserv - ok
09:38:22.0227 3020 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
09:38:22.0258 3020 ohci1394 - ok
09:38:22.0289 3020 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:38:22.0289 3020 ose - ok
09:38:22.0320 3020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
09:38:22.0383 3020 p2pimsvc - ok
09:38:22.0398 3020 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
09:38:22.0430 3020 p2psvc - ok
09:38:22.0461 3020 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
09:38:22.0476 3020 Parport - ok
09:38:22.0492 3020 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
09:38:22.0508 3020 partmgr - ok
09:38:22.0539 3020 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
09:38:22.0632 3020 PcaSvc - ok
09:38:22.0679 3020 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
09:38:22.0679 3020 pci - ok
09:38:22.0710 3020 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
09:38:22.0742 3020 pciide - ok
09:38:22.0773 3020 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
09:38:22.0773 3020 pcmcia - ok
09:38:22.0804 3020 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
09:38:22.0820 3020 pcw - ok
09:38:22.0866 3020 pdfcDispatcher - ok
09:38:22.0898 3020 [ 4A8CC4D25525F456069887D5E8C53225 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
09:38:22.0976 3020 PdiService - ok
09:38:22.0991 3020 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
09:38:23.0038 3020 PEAUTH - ok
09:38:23.0085 3020 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
09:38:23.0163 3020 PeerDistSvc - ok
09:38:23.0256 3020 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
09:38:23.0319 3020 PerfHost - ok
09:38:23.0366 3020 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
09:38:23.0522 3020 pla - ok
09:38:23.0553 3020 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
09:38:23.0615 3020 PlugPlay - ok
09:38:23.0631 3020 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
09:38:23.0662 3020 PNRPAutoReg - ok
09:38:23.0678 3020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
09:38:23.0693 3020 PNRPsvc - ok
09:38:23.0724 3020 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
09:38:23.0787 3020 PolicyAgent - ok
09:38:23.0834 3020 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll
09:38:23.0943 3020 Power - ok
09:38:23.0974 3020 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
09:38:24.0021 3020 PptpMiniport - ok
09:38:24.0036 3020 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
09:38:24.0068 3020 Processor - ok
09:38:24.0099 3020 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
09:38:24.0192 3020 ProfSvc - ok
09:38:24.0208 3020 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
09:38:24.0224 3020 ProtectedStorage - ok
09:38:24.0270 3020 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
09:38:24.0317 3020 Psched - ok
09:38:24.0380 3020 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\windows\system32\DRIVERS\psi_mf.sys
09:38:24.0473 3020 PSI - ok
09:38:24.0520 3020 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
09:38:24.0582 3020 ql2300 - ok
09:38:24.0614 3020 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
09:38:24.0629 3020 ql40xx - ok
09:38:24.0645 3020 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
09:38:24.0676 3020 QWAVE - ok
09:38:24.0692 3020 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
09:38:24.0707 3020 QWAVEdrv - ok
09:38:24.0723 3020 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
09:38:24.0770 3020 RasAcd - ok
09:38:24.0785 3020 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
09:38:24.0832 3020 RasAgileVpn - ok
09:38:24.0863 3020 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
09:38:24.0957 3020 RasAuto - ok
09:38:25.0004 3020 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
09:38:25.0082 3020 Rasl2tp - ok
09:38:25.0097 3020 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
09:38:25.0144 3020 RasMan - ok
09:38:25.0175 3020 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
09:38:25.0222 3020 RasPppoe - ok
09:38:25.0238 3020 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
09:38:25.0269 3020 RasSstp - ok
09:38:25.0300 3020 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
09:38:25.0331 3020 rdbss - ok
09:38:25.0362 3020 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
09:38:25.0394 3020 rdpbus - ok
09:38:25.0409 3020 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
09:38:25.0456 3020 RDPCDD - ok
09:38:25.0487 3020 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
09:38:25.0534 3020 RDPDR - ok
09:38:25.0550 3020 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
09:38:25.0581 3020 RDPENCDD - ok
09:38:25.0596 3020 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
09:38:25.0643 3020 RDPREFMP - ok
09:38:25.0674 3020 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
09:38:25.0768 3020 RdpVideoMiniport - ok
09:38:25.0784 3020 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
09:38:25.0830 3020 RDPWD - ok
09:38:25.0862 3020 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
09:38:25.0877 3020 rdyboost - ok
09:38:25.0908 3020 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
09:38:25.0971 3020 RemoteAccess - ok
09:38:26.0018 3020 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
09:38:26.0080 3020 RemoteRegistry - ok
09:38:26.0111 3020 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
09:38:26.0127 3020 RFCOMM - ok
09:38:26.0142 3020 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
09:38:26.0205 3020 RpcEptMapper - ok
09:38:26.0236 3020 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
09:38:26.0252 3020 RpcLocator - ok
09:38:26.0283 3020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
09:38:26.0345 3020 RpcSs - ok
09:38:26.0376 3020 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
09:38:26.0439 3020 rspndr - ok
09:38:26.0470 3020 [ 2777226EE8BF50B059D7A7C90177E99C ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
09:38:26.0501 3020 RTL8167 - ok
09:38:26.0532 3020 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\windows\system32\drivers\vms3cap.sys
09:38:26.0564 3020 s3cap - ok
09:38:26.0579 3020 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
09:38:26.0579 3020 SamSs - ok
09:38:26.0626 3020 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
09:38:26.0642 3020 sbp2port - ok
09:38:26.0657 3020 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
09:38:26.0704 3020 SCardSvr - ok
09:38:26.0735 3020 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
09:38:26.0782 3020 scfilter - ok
09:38:26.0829 3020 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
09:38:26.0907 3020 Schedule - ok
09:38:26.0938 3020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
09:38:26.0969 3020 SCPolicySvc - ok
09:38:27.0016 3020 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys
09:38:27.0063 3020 sdbus - ok
09:38:27.0094 3020 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
09:38:27.0125 3020 SDRSVC - ok
09:38:27.0141 3020 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
09:38:27.0250 3020 secdrv - ok
09:38:27.0281 3020 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
09:38:27.0375 3020 seclogon - ok
09:38:27.0515 3020 [ 9901DCF2B6DD2AD12CB42BD559E0C92D ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
09:38:27.0546 3020 Secunia PSI Agent - ok
09:38:27.0609 3020 [ 4F2056349F8BA4154D5213BF8A476B14 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
09:38:27.0671 3020 Secunia Update Agent - ok
09:38:27.0858 3020 [ 69500F5EAFDE80040F8465CD6E72037E ] SelfUpdateService C:\Program Files (x86)\Freetec\SystemStore\SelfUpdate.exe
09:38:28.0030 3020 SelfUpdateService ( UnsignedFile.Multi.Generic ) - warning
09:38:28.0030 3020 SelfUpdateService - detected UnsignedFile.Multi.Generic (1)
09:38:28.0061 3020 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
09:38:28.0155 3020 SENS - ok
09:38:28.0170 3020 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
09:38:28.0186 3020 SensrSvc - ok
09:38:28.0217 3020 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
09:38:28.0248 3020 Serenum - ok
09:38:28.0264 3020 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
09:38:28.0280 3020 Serial - ok
09:38:28.0326 3020 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
09:38:28.0342 3020 sermouse - ok
09:38:28.0373 3020 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
09:38:28.0420 3020 SessionEnv - ok
09:38:28.0436 3020 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
09:38:28.0482 3020 sffdisk - ok
09:38:28.0498 3020 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
09:38:28.0514 3020 sffp_mmc - ok
09:38:28.0514 3020 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
09:38:28.0592 3020 sffp_sd - ok
09:38:28.0607 3020 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
09:38:28.0638 3020 sfloppy - ok
09:38:28.0670 3020 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
09:38:28.0826 3020 SharedAccess - ok
09:38:28.0857 3020 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
09:38:28.0904 3020 ShellHWDetection - ok
09:38:28.0919 3020 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
09:38:28.0935 3020 SiSRaid2 - ok
09:38:28.0950 3020 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
09:38:28.0966 3020 SiSRaid4 - ok
09:38:28.0982 3020 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
09:38:29.0013 3020 Smb - ok
09:38:29.0044 3020 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
09:38:29.0138 3020 SNMPTRAP - ok
09:38:29.0247 3020 [ 43FBAA2C9E6B01B6AFC40B69019C27EC ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
09:38:29.0309 3020 SNP2UVC - ok
09:38:29.0325 3020 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
09:38:29.0340 3020 spldr - ok
09:38:29.0372 3020 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
09:38:29.0450 3020 Spooler - ok
09:38:29.0543 3020 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
09:38:29.0606 3020 sppsvc - ok
09:38:29.0637 3020 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
09:38:29.0668 3020 sppuinotify - ok
09:38:29.0699 3020 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
09:38:29.0746 3020 srv - ok
09:38:29.0762 3020 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
09:38:29.0793 3020 srv2 - ok
09:38:29.0840 3020 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
09:38:29.0886 3020 srvnet - ok
09:38:29.0933 3020 [ F74634F46692C8315E7F37F698AF3225 ] sscebus C:\windows\system32\DRIVERS\sscebus.sys
09:38:29.0964 3020 sscebus - ok
09:38:29.0980 3020 [ 82732B391EFD69B0548044BE9CB37BFC ] sscemdfl C:\windows\system32\DRIVERS\sscemdfl.sys
09:38:29.0996 3020 sscemdfl - ok
09:38:30.0027 3020 [ 43D56ACE4469D90F9790E8352D87D9B5 ] sscemdm C:\windows\system32\DRIVERS\sscemdm.sys
09:38:30.0042 3020 sscemdm - ok
09:38:30.0042 3020 [ DB504EF6D73F6B8AB5CF8A18560C4E2A ] ssceserd C:\windows\system32\DRIVERS\ssceserd.sys
09:38:30.0058 3020 ssceserd - ok
09:38:30.0089 3020 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
09:38:30.0136 3020 SSDPSRV - ok
09:38:30.0152 3020 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
09:38:30.0214 3020 SstpSvc - ok
09:38:30.0308 3020 [ D343109DF7DAFEC3C75AC65446F5A1A9 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
09:38:30.0401 3020 STacSV - ok
09:38:30.0417 3020 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
09:38:30.0432 3020 stexstor - ok
09:38:30.0479 3020 [ 8C490A03D0E44165D8BB48CEA4787F47 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
09:38:30.0510 3020 STHDA - ok
09:38:30.0542 3020 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
09:38:30.0573 3020 StillCam - ok
09:38:30.0620 3020 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
09:38:30.0682 3020 stisvc - ok
09:38:30.0713 3020 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\windows\system32\drivers\vmstorfl.sys
09:38:30.0729 3020 storflt - ok
09:38:30.0744 3020 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\windows\system32\storsvc.dll
09:38:30.0807 3020 StorSvc - ok
09:38:30.0822 3020 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\windows\system32\drivers\storvsc.sys
09:38:30.0838 3020 storvsc - ok
09:38:30.0869 3020 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
09:38:30.0885 3020 swenum - ok
09:38:30.0900 3020 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
09:38:31.0010 3020 swprv - ok
09:38:31.0072 3020 [ 48A191AE1F810F3F76F04187BA6B0F14 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
09:38:31.0119 3020 SynTP - ok
09:38:31.0166 3020 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
09:38:31.0212 3020 SysMain - ok
09:38:31.0290 3020 [ ACAA605B51AD413DE7595194AD0F486F ] SystemStoreService C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe
09:38:31.0368 3020 SystemStoreService ( UnsignedFile.Multi.Generic ) - warning
09:38:31.0368 3020 SystemStoreService - detected UnsignedFile.Multi.Generic (1)
09:38:31.0400 3020 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
09:38:31.0478 3020 TabletInputService - ok
09:38:31.0493 3020 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
09:38:31.0602 3020 TapiSrv - ok
09:38:31.0618 3020 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
09:38:31.0680 3020 TBS - ok
09:38:31.0743 3020 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
09:38:31.0821 3020 Tcpip - ok
09:38:31.0836 3020 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
09:38:31.0868 3020 TCPIP6 - ok
09:38:31.0899 3020 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
09:38:31.0946 3020 tcpipreg - ok
09:38:31.0961 3020 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
09:38:32.0008 3020 TDPIPE - ok
09:38:32.0024 3020 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
09:38:32.0055 3020 TDTCP - ok
09:38:32.0086 3020 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
09:38:32.0133 3020 tdx - ok
09:38:32.0164 3020 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
09:38:32.0164 3020 TermDD - ok
09:38:32.0180 3020 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
09:38:32.0242 3020 TermService - ok
09:38:32.0273 3020 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
09:38:32.0320 3020 Themes - ok
09:38:32.0351 3020 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
09:38:32.0382 3020 THREADORDER - ok
09:38:32.0398 3020 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys
09:38:32.0429 3020 TPM - ok
09:38:32.0460 3020 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
09:38:32.0523 3020 TrkWks - ok
09:38:32.0570 3020 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
09:38:32.0663 3020 TrustedInstaller - ok
09:38:32.0694 3020 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
09:38:32.0741 3020 tssecsrv - ok
09:38:32.0757 3020 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
09:38:32.0804 3020 TsUsbFlt - ok
09:38:32.0850 3020 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
09:38:32.0882 3020 tunnel - ok
09:38:32.0913 3020 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
09:38:32.0960 3020 uagp35 - ok
09:38:33.0069 3020 [ D5994AB5C2B2D72D6320A7004D52617C ] uArcCapture C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
09:38:33.0225 3020 uArcCapture - ok
09:38:33.0256 3020 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
09:38:33.0272 3020 udfs - ok
09:38:33.0303 3020 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
09:38:33.0350 3020 UI0Detect - ok
09:38:33.0381 3020 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
09:38:33.0381 3020 uliagpkx - ok
09:38:33.0412 3020 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
09:38:33.0428 3020 umbus - ok
09:38:33.0443 3020 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
09:38:33.0490 3020 UmPass - ok
09:38:33.0521 3020 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\windows\System32\umrdp.dll
09:38:33.0568 3020 UmRdpService - ok
09:38:33.0662 3020 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:38:34.0239 3020 UNS - ok
09:38:34.0286 3020 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
09:38:34.0426 3020 upnphost - ok
09:38:34.0457 3020 [ 2B26FCB7C634C49313FD72120FB9946E ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
09:38:34.0504 3020 usbccgp - ok
09:38:34.0535 3020 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
09:38:34.0566 3020 usbcir - ok
09:38:34.0613 3020 [ AA68C758B3F225618A5FD1ED40C383C4 ] usbehci C:\windows\system32\drivers\usbehci.sys
09:38:34.0629 3020 usbehci - ok
09:38:34.0644 3020 [ 66E1EF753543785D7E2C44719B2C5DAD ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
09:38:34.0676 3020 usbhub - ok
09:38:34.0707 3020 [ B26ACA4784AD1295C25A7501FD4AB79E ] usbohci C:\windows\system32\drivers\usbohci.sys
09:38:34.0738 3020 usbohci - ok
09:38:34.0769 3020 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
09:38:34.0785 3020 usbprint - ok
09:38:34.0816 3020 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
09:38:34.0847 3020 usbscan - ok
09:38:34.0878 3020 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
09:38:34.0925 3020 USBSTOR - ok
09:38:34.0956 3020 [ 35944CFF264134FFD2E7EED0F8B81A56 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
09:38:34.0988 3020 usbuhci - ok
09:38:35.0003 3020 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
09:38:35.0034 3020 usbvideo - ok
09:38:35.0066 3020 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
09:38:35.0097 3020 UxSms - ok
09:38:35.0112 3020 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
09:38:35.0128 3020 VaultSvc - ok
09:38:35.0206 3020 [ 0AD1CFB05AE55ADEF7D05B91017ED6D1 ] vcsFPService C:\windows\system32\vcsFPService.exe
09:38:35.0268 3020 vcsFPService - ok
09:38:35.0300 3020 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
09:38:35.0315 3020 vdrvroot - ok
09:38:35.0346 3020 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
09:38:35.0424 3020 vds - ok
09:38:35.0456 3020 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
09:38:35.0487 3020 vga - ok
09:38:35.0487 3020 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
09:38:35.0549 3020 VgaSave - ok
09:38:35.0580 3020 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
09:38:35.0596 3020 vhdmp - ok
09:38:35.0643 3020 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
09:38:35.0658 3020 viaide - ok
09:38:35.0674 3020 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\windows\system32\drivers\vmbus.sys
09:38:35.0705 3020 vmbus - ok
09:38:35.0721 3020 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\windows\system32\drivers\VMBusHID.sys
09:38:35.0736 3020 VMBusHID - ok
09:38:35.0768 3020 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
09:38:35.0783 3020 volmgr - ok
09:38:35.0830 3020 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
09:38:35.0861 3020 volmgrx - ok
09:38:35.0877 3020 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
09:38:35.0908 3020 volsnap - ok
09:38:35.0924 3020 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\windows\system32\DRIVERS\vpchbus.sys
09:38:35.0955 3020 vpcbus - ok
09:38:35.0986 3020 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\windows\system32\DRIVERS\vpcnfltr.sys
09:38:36.0017 3020 vpcnfltr - ok
09:38:36.0048 3020 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\windows\system32\DRIVERS\vpcusb.sys
09:38:36.0095 3020 vpcusb - ok
09:38:36.0126 3020 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\windows\system32\drivers\vpcvmm.sys
09:38:36.0158 3020 vpcvmm - ok
09:38:36.0189 3020 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
09:38:36.0204 3020 vsmraid - ok
09:38:36.0251 3020 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
09:38:36.0314 3020 VSS - ok
09:38:36.0345 3020 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
09:38:36.0376 3020 vwifibus - ok
09:38:36.0392 3020 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
09:38:36.0423 3020 vwififlt - ok
09:38:36.0438 3020 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
09:38:36.0485 3020 vwifimp - ok
09:38:36.0516 3020 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
09:38:36.0563 3020 W32Time - ok
09:38:36.0594 3020 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
09:38:36.0626 3020 WacomPen - ok
09:38:36.0657 3020 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
09:38:36.0704 3020 WANARP - ok
09:38:36.0719 3020 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
09:38:36.0766 3020 Wanarpv6 - ok
09:38:36.0813 3020 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
09:38:36.0860 3020 WatAdminSvc - ok
09:38:36.0906 3020 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
09:38:36.0953 3020 wbengine - ok
09:38:36.0984 3020 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
09:38:37.0047 3020 WbioSrvc - ok
09:38:37.0078 3020 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
09:38:37.0156 3020 wcncsvc - ok
09:38:37.0172 3020 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
09:38:37.0203 3020 WcsPlugInService - ok
09:38:37.0218 3020 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
09:38:37.0234 3020 Wd - ok
09:38:37.0281 3020 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
09:38:37.0312 3020 Wdf01000 - ok
09:38:37.0328 3020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
09:38:37.0468 3020 WdiServiceHost - ok
09:38:37.0468 3020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
09:38:37.0484 3020 WdiSystemHost - ok
09:38:37.0515 3020 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
09:38:37.0608 3020 WebClient - ok
09:38:37.0624 3020 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
09:38:37.0655 3020 Wecsvc - ok
09:38:37.0671 3020 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
09:38:37.0702 3020 wercplsupport - ok
09:38:37.0733 3020 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
09:38:37.0764 3020 WerSvc - ok
09:38:37.0796 3020 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
09:38:37.0827 3020 WfpLwf - ok
09:38:37.0842 3020 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
09:38:37.0858 3020 WIMMount - ok
09:38:37.0874 3020 WinDefend - ok
09:38:37.0889 3020 WinHttpAutoProxySvc - ok
09:38:37.0936 3020 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
09:38:37.0998 3020 Winmgmt - ok
09:38:38.0076 3020 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
09:38:38.0139 3020 WinRM - ok
09:38:38.0186 3020 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\windows\system32\DRIVERS\WinUSB.sys
09:38:38.0201 3020 WinUSB - ok
09:38:38.0248 3020 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
09:38:38.0279 3020 Wlansvc - ok
09:38:38.0388 3020 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:38:38.0498 3020 wlidsvc - ok
09:38:38.0529 3020 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
09:38:38.0576 3020 WmiAcpi - ok
09:38:38.0607 3020 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
09:38:38.0685 3020 wmiApSrv - ok
09:38:38.0716 3020 WMPNetworkSvc - ok
09:38:38.0732 3020 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
09:38:38.0778 3020 WPCSvc - ok
09:38:38.0810 3020 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
09:38:38.0841 3020 WPDBusEnum - ok
09:38:38.0856 3020 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
09:38:38.0903 3020 ws2ifsl - ok
09:38:38.0919 3020 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
09:38:38.0981 3020 wscsvc - ok
09:38:39.0012 3020 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
09:38:39.0059 3020 WSDPrintDevice - ok
09:38:39.0059 3020 WSearch - ok
09:38:39.0137 3020 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
09:38:39.0200 3020 wuauserv - ok
09:38:39.0215 3020 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
09:38:39.0246 3020 WudfPf - ok
09:38:39.0278 3020 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
09:38:39.0309 3020 WUDFRd - ok
09:38:39.0340 3020 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
09:38:39.0402 3020 wudfsvc - ok
09:38:39.0434 3020 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\windows\System32\wwansvc.dll
09:38:39.0527 3020 WwanSvc - ok
09:38:39.0543 3020 ================ Scan global ===============================
09:38:39.0558 3020 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
09:38:39.0590 3020 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
09:38:39.0605 3020 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll
09:38:39.0621 3020 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
09:38:39.0668 3020 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
09:38:39.0683 3020 [Global] - ok
09:38:39.0683 3020 ================ Scan MBR ==================================
09:38:39.0683 3020 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:38:39.0948 3020 \Device\Harddisk0\DR0 - ok
09:38:39.0948 3020 ================ Scan VBR ==================================
09:38:39.0964 3020 [ 66EE4E7D21F0964F648988A405B09CB1 ] \Device\Harddisk0\DR0\Partition1
09:38:39.0964 3020 \Device\Harddisk0\DR0\Partition1 - ok
09:38:39.0995 3020 [ E405FC9CDEC55989547866CF0E041AB9 ] \Device\Harddisk0\DR0\Partition2
09:38:39.0995 3020 \Device\Harddisk0\DR0\Partition2 - ok
09:38:40.0026 3020 [ 315220B217A743744F3FB650792CC28A ] \Device\Harddisk0\DR0\Partition3
09:38:40.0026 3020 \Device\Harddisk0\DR0\Partition3 - ok
09:38:40.0042 3020 [ F335CEE4B942CE048406D3058318D7C8 ] \Device\Harddisk0\DR0\Partition4
09:38:40.0042 3020 \Device\Harddisk0\DR0\Partition4 - ok
09:38:40.0042 3020 ============================================================
09:38:40.0042 3020 Scan finished
09:38:40.0042 3020 ============================================================
09:38:40.0073 9512 Detected object count: 4
09:38:40.0073 9512 Actual detected object count: 4
09:39:49.0025 9512 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:39:49.0025 9512 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:39:49.0025 9512 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - skipped by user
09:39:49.0025 9512 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:39:49.0025 9512 SelfUpdateService ( UnsignedFile.Multi.Generic ) - skipped by user
09:39:49.0025 9512 SelfUpdateService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:39:49.0041 9512 SystemStoreService ( UnsignedFile.Multi.Generic ) - skipped by user
09:39:49.0041 9512 SystemStoreService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:41:02.0642 2612 Deinitialize success
|
|
11.02.2013, 10:15
| #9 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.02.2013, 11:26
| #10 |
| | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Und nun hier der logfile von ComboFix Code:
ATTFilter ComboFix 13-02-07.02 - Sigrid 11.02.2013 10:50:25.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.43.1031.18.4030.1885 [GMT 1:00]
ausgeführt von:: c:\users\Sigrid\Desktop\ComboFix.exe
AV: A1 Internetschutz *Disabled/Updated* {54915AF1-3B92-EB1D-9EAD-22745B2972A6}
SP: A1 Internetschutz *Disabled/Updated* {EFF0BB15-1DA8-E493-A41D-190620AE381B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\sdelevURL.tmp
c:\users\Sigrid\AppData\Roaming\JomCap.dll
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-01-11 bis 2013-02-11 ))))))))))))))))))))))))))))))
.
.
2013-02-08 14:49 . 2013-01-18 11:15 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{85601DB8-06C1-47EF-992A-807795074DA4}\mpengine.dll
2013-02-06 14:58 . 2013-02-06 14:58 -------- d-----w- c:\users\Herzogs\AppData\Roaming\Malwarebytes
2013-02-05 21:42 . 2013-02-05 21:42 -------- d-----w- c:\program files\iPod
2013-02-05 21:42 . 2013-02-05 21:43 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-05 21:42 . 2013-02-05 21:42 -------- d-----w- c:\program files\iTunes
2013-02-05 21:42 . 2013-02-05 21:42 -------- d-----w- c:\program files (x86)\iTunes
2013-02-05 11:10 . 2013-02-05 11:10 -------- d-----w- c:\users\Sigrid\AppData\Roaming\Malwarebytes
2013-02-05 11:10 . 2013-02-05 11:10 -------- d-----w- c:\programdata\Malwarebytes
2013-02-05 11:10 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-05 11:10 . 2013-02-05 11:10 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-05 10:46 . 2013-01-17 00:28 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-02-05 08:43 . 2013-02-05 08:43 -------- d-----w- c:\program files\CCleaner
2013-02-05 08:17 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-02-05 08:13 . 2013-02-05 08:13 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2013-02-05 08:13 . 2013-02-05 08:13 -------- d-----w- c:\users\Default\AppData\Local\Apple Computer
2013-02-05 08:07 . 2013-02-05 08:07 -------- d-----w- c:\program files\Bonjour
2013-02-05 08:07 . 2013-02-05 08:07 -------- d-----w- c:\program files (x86)\Bonjour
2013-02-05 08:06 . 2013-02-05 08:06 -------- d-----w- c:\program files (x86)\Apple Software Update
2013-02-05 08:06 . 2013-02-05 08:06 -------- d-----w- c:\users\Default\AppData\Local\Apple
2013-02-05 07:45 . 2013-02-05 07:45 -------- d-----w- c:\users\Sigrid\AppData\Local\Secunia PSI
2013-02-05 07:45 . 2013-02-05 07:45 -------- d-----w- c:\program files (x86)\Secunia
2013-02-04 23:12 . 2013-02-04 23:12 -------- d-----w- c:\users\Sigrid\AppData\Roaming\QuickScan
2013-02-04 22:28 . 2013-02-04 22:28 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-31 18:23 . 2013-01-31 18:23 -------- d-----r- c:\users\Herzogs\AppData\Roaming\Brother
2013-01-29 21:23 . 2013-01-29 21:23 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-01-29 12:37 . 2013-02-08 15:31 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-29 11:06 . 2013-01-29 11:11 -------- d--h--w- c:\windows\msdownld.tmp
2013-01-28 20:10 . 2013-01-28 20:10 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-01-15 05:04 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 15:31 . 2011-09-18 20:07 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-04 22:27 . 2012-08-04 21:18 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-02-04 22:27 . 2011-09-17 20:07 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-01-09 06:13 . 2011-10-21 16:38 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-21 05:14 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 05:14 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 05:14 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 05:14 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 05:51 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 05:51 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 05:51 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 05:51 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 05:51 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 05:51 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 05:51 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 05:51 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 05:51 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 05:51 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 05:51 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 05:51 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 05:51 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 05:51 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 05:51 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 05:51 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 05:51 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 05:51 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 05:51 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 05:51 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 05:51 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 05:51 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 05:51 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 05:51 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 05:51 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 05:51 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 05:51 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 05:51 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 05:51 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 05:51 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 05:51 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 05:51 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 05:51 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 05:51 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 05:51 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:45 . 2013-01-09 05:51 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 05:43 . 2013-01-09 05:51 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 05:51 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 05:51 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:54 . 2013-01-09 05:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-11-30 04:53 . 2013-01-09 05:51 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 05:51 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 05:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 2672488]
"HP Photosmart 5510 series (NET) F94F7668AC79227E37B23B9D4DB5F43E5B5DBABE81F65562A54DDE47"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 2672488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"IKARUS-GuardX"="c:\program files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe" [2011-11-07 5016824]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-10-27 169528]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 333728]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\GuardX]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ntguard.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-09-24 656480]
R2 SelfUpdateService;Self Update Service;c:\program files (x86)\Freetec\SystemStore\SelfUpdate.exe -displayname Self Update Service -servicename SelfUpdateService [x]
R2 SystemStoreService;System Store Service;c:\program files (x86)\Freetec\SystemStore\SystemStore.exe -displayname System Store Service -servicename:SystemStoreService [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2011-09-05 476728]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2010-12-21 127488]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2010-12-21 18944]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2010-12-21 161280]
R3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\DRIVERS\ssceserd.sys [2010-12-21 129024]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-19 1255736]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 NTGUARD;NTGUARD;c:\program files (x86)\A1 Internetschutz\bin\ntguard_x64.sys [2011-11-07 36816]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-11-14 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-03-28 203264]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
S2 GuardX;GuardX;c:\program files (x86)\A1 Internetschutz\bin\guardxservice.exe [2011-11-07 1531280]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-02-28 31000]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-23 212944]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-04-05 1323008]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-09-24 1328736]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2012-02-15 2602576]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-01-07 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-01-07 298144]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-01-07 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-01-07 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-01-07 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-01-07 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-01-07 279200]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 406632]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-29 15:31]
.
2013-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
- c:\users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 16:57]
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
- c:\users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 16:57]
.
2013-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
- c:\users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28 04:59]
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
- c:\users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28 04:59]
.
2013-02-10 c:\windows\Tasks\HPCeeScheduleForHerzogs.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-01-29 c:\windows\Tasks\HPCeeScheduleForSIGRID-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-02-03 c:\windows\Tasks\HPCeeScheduleForSigrid.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2012-04-05 200704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-11-14 1424896]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-07-15 14904]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{9d81af43-de53-48d0-a199-42c2a226b24c} - (no file)
URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
Wow6432Node-HKCU-Run-OM_Monitor - c:\program files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe
Wow6432Node-HKCU-Run-KiesHelper - c:\program files (x86)\Samsung\Kies\KiesHelper.exe
Wow6432Node-HKLM-Run-File Sanitizer - c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
Wow6432Node-HKLM-Run-DTRun - c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SystemStoreService]
"ImagePath"="\"c:\program files (x86)\Freetec\SystemStore\SystemStore.exe\" -displayname \"System Store Service\" -servicename:SystemStoreService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-02-11 11:14:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-02-11 10:14
.
Vor Suchlauf: 10 Verzeichnis(se), 389.732.327.424 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 389.429.219.328 Bytes frei
.
- - End Of File - - CD4B2346794DC5AA3877B941EDC06747
|
|
11.02.2013, 12:15
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.02.2013, 12:48
| #12 |
| | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden adwcleaner logfile Code:
ATTFilter # AdwCleaner v2.112 - Datei am 11/02/2013 um 12:19:41 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Sigrid - SIGRID-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Sigrid\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]
Datei : C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default\prefs.js
[OK] Die Datei ist sauber.
Datei : C:\Users\Herzogs\AppData\Roaming\Mozilla\Firefox\Profiles\rs53m760.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v24.0.1312.57
Datei : C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
Datei : C:\Users\Herzogs\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [8650 octets] - [05/02/2013 10:45:35]
AdwCleaner[R2].txt - [8769 octets] - [05/02/2013 10:49:42]
AdwCleaner[R3].txt - [1849 octets] - [05/02/2013 11:24:38]
AdwCleaner[S1].txt - [343 octets] - [05/02/2013 10:48:05]
AdwCleaner[S2].txt - [8509 octets] - [05/02/2013 10:51:58]
AdwCleaner[S3].txt - [1911 octets] - [05/02/2013 11:25:36]
AdwCleaner[S4].txt - [1506 octets] - [11/02/2013 12:19:41]
########## EOF - C:\AdwCleaner[S4].txt - [1566 octets] ##########
Code:
ATTFilter OTL logfile created on: 11.02.2013 12:25:40 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sigrid\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,94 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 47,37% Memory free
7,87 Gb Paging File | 5,34 Gb Available in Paging File | 67,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442,57 Gb Total Space | 362,49 Gb Free Space | 81,91% Space Free | Partition Type: NTFS
Drive E: | 17,90 Gb Total Space | 2,72 Gb Free Space | 15,19% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,12 Gb Free Space | 42,60% Space Free | Partition Type: FAT32
Computer Name: SIGRID-HP | User Name: Sigrid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Sigrid\Desktop\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
PRC - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe ()
PRC - C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe (IKARUS Security Software GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Development Company L.P.)
PRC - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Portrait Displays, Inc)
PRC - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
PRC - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
PRC - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (ArcSoft, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\27649bdc3da750e2e072dedbff56cc0b\IAStorUtil.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\09a468fb987e5a5f345346b0910c89ca\IAStorCommon.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Program Files\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (McAfee Endpoint Encryption Agent) -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe ()
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)
SRV:64bit: - (DpHost) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV:64bit: - (HP Power Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard Company)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (HPDayStarterService) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe (Hewlett-Packard Company)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SystemStoreService) -- C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SelfUpdateService) -- C:\Program Files (x86)\Freetec\SystemStore\SelfUpdate.exe ()
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (hpHotkeyMonitor) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Hewlett-Packard Company)
SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (GuardX) -- C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe (IKARUS Security Software GmbH)
SRV - (FLCDLOCK) -- c:\Windows\SysWOW64\flcdlock.exe (Hewlett-Packard Company)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (hpCMSrv) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Development Company L.P.)
SRV - (PdiService) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (uArcCapture) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (ArcSoft, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MfeEpeOpal) -- C:\windows\SysNative\drivers\MfeEpeOpal.sys (McAfee, Inc.)
DRV:64bit: - (MfeEpePc) -- C:\windows\SysNative\drivers\MfeEpePc.sys (McAfee, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (DAMDrv) -- C:\Windows\SysNative\drivers\DAMDrv64.sys (Hewlett-Packard Company)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (sscemdm) -- C:\Windows\SysNative\drivers\sscemdm.sys (MCCI Corporation)
DRV:64bit: - (ssceserd) -- C:\Windows\SysNative\drivers\ssceserd.sys (MCCI Corporation)
DRV:64bit: - (sscebus) -- C:\Windows\SysNative\drivers\sscebus.sys (MCCI Corporation)
DRV:64bit: - (sscemdfl) -- C:\Windows\SysNative\drivers\sscemdfl.sys (MCCI Corporation)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Company)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (ARCVCAM) -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys (ArcSoft, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (NTGUARD) -- C:\Program Files (x86)\A1 Internetschutz\bin\ntguard_x64.sys (IKARUS Security Software GmbH)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (cdrbsdrv) -- C:\windows\SysWow64\drivers\cdrbsdrv.sys (B.H.A Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\..\SearchScopes\{CFC3649F-BDE7-4CBE-BCE3-D8D98D1ACD5A}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=9432544508284016&q={searchTerms}
IE - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.arccosine.com/"
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.4.0.0
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://internetschutz.aon.at/webschutz/webschutz.pac"
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..browser.search.selectedEngine: "Arccosine"
FF - prefs.js..keyword.URL: "hxxp://www.arccosine.com/search.php?q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sigrid\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sigrid\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011.01.26 14:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012.11.14 16:31:01 | 000,000,000 | ---D | M]
[2011.09.17 21:03:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sigrid\AppData\Roaming\mozilla\Extensions
[2013.02.05 10:52:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sigrid\AppData\Roaming\mozilla\Firefox\Profiles\nawjmtdv.default\extensions
[2012.01.07 16:47:04 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Sigrid\AppData\Roaming\mozilla\firefox\profiles\nawjmtdv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
File not found (No name found) -- C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
File not found (No name found) -- C:\USERS\SIGRID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NAWJMTDV.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
========== Chrome ==========
CHR - homepage: hxxp://www.google.at/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.at/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sigrid\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Herzogs\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Herzogs\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Herzogs\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Herzogs\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Herzogs\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
O1 HOSTS File: ([2013.02.11 11:09:47 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MfeEpePcMonitor] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IKARUS-GuardX] C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe (IKARUS Security Software GmbH)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-4157386011-1825002390-482303840-1001..\Run: [HP Photosmart 5510 series (NET)] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-4157386011-1825002390-482303840-1001..\Run: [HP Photosmart 5510 series (NET) #2] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\..Trusted Domains: blank ([]about in Local intranet)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA3EEED6-564C-4DE2-B334-BB7734ECD7E8}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD162DB0-0FFC-446F-B7C1-8113F88E6B73}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.02.11 11:14:14 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013.02.11 11:09:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.11 10:47:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013.02.11 10:47:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013.02.11 10:47:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013.02.11 10:47:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.11 10:46:52 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.02.11 10:20:24 | 005,030,592 | R--- | C] (Swearware) -- C:\Users\Sigrid\Desktop\ComboFix.exe
[2013.02.11 09:29:28 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sigrid\Desktop\tdsskiller.exe
[2013.02.08 16:27:01 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Sigrid\Desktop\aswMBR.exe
[2013.02.07 18:07:05 | 000,000,000 | ---D | C] -- C:\Users\Sigrid\Desktop\mbar-1.01.0.1017
[2013.02.06 17:12:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sigrid\Desktop\OTL (1).exe
[2013.02.05 22:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.05 22:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.05 22:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.05 22:42:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.02.05 22:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.02.05 22:38:44 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.02.05 12:10:07 | 000,000,000 | ---D | C] -- C:\Users\Sigrid\AppData\Roaming\Malwarebytes
[2013.02.05 12:10:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.05 12:10:01 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.02.05 12:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.05 12:10:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.05 09:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.02.05 09:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.02.05 09:17:03 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys
[2013.02.05 09:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.02.05 09:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.02.05 09:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.02.05 08:45:22 | 000,000,000 | ---D | C] -- C:\Users\Sigrid\AppData\Local\Secunia PSI
[2013.02.05 08:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2013.02.05 00:12:19 | 000,000,000 | ---D | C] -- C:\Users\Sigrid\AppData\Roaming\QuickScan
[2013.02.04 23:28:25 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2013.02.04 23:28:10 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013.02.04 23:28:10 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013.02.04 23:28:10 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.29 22:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.01.29 13:37:59 | 000,697,712 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.01.28 21:10:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.01.28 21:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.02.11 12:30:03 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.02.11 12:29:50 | 001,612,484 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.02.11 12:29:50 | 000,698,764 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.02.11 12:29:50 | 000,652,706 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.02.11 12:29:50 | 000,148,788 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.02.11 12:29:50 | 000,121,638 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.02.11 12:29:41 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.11 12:29:41 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.11 12:23:18 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2013.02.11 12:21:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.02.11 12:21:13 | 4226,138,112 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.11 12:18:01 | 000,587,659 | ---- | M] () -- C:\Users\Sigrid\Desktop\adwcleaner.exe
[2013.02.11 12:03:00 | 000,001,128 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
[2013.02.11 12:02:01 | 000,001,124 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
[2013.02.11 11:09:47 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013.02.11 10:20:55 | 005,030,592 | R--- | M] (Swearware) -- C:\Users\Sigrid\Desktop\ComboFix.exe
[2013.02.11 09:29:39 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sigrid\Desktop\tdsskiller.exe
[2013.02.11 09:26:51 | 000,048,216 | ---- | M] () -- C:\Users\Sigrid\Desktop\unseren_augen_verborgen.pdf
[2013.02.11 08:30:51 | 000,000,432 | ---- | M] () -- C:\windows\BRWMARK.INI
[2013.02.10 18:52:27 | 000,001,072 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
[2013.02.10 16:37:02 | 000,000,340 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForHerzogs.job
[2013.02.10 16:03:01 | 000,001,076 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
[2013.02.08 23:09:08 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\ClipGrab.lnk
[2013.02.08 21:14:39 | 000,007,597 | ---- | M] () -- C:\Users\Sigrid\AppData\Local\resmon.resmoncfg
[2013.02.08 20:20:26 | 000,000,512 | ---- | M] () -- C:\Users\Sigrid\Desktop\MBR.dat
[2013.02.08 16:31:06 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.02.08 16:31:06 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.08 16:28:21 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Sigrid\Desktop\aswMBR.exe
[2013.02.08 16:22:42 | 000,365,568 | ---- | M] () -- C:\Users\Sigrid\Desktop\gmer_2.0.18454.exe
[2013.02.07 17:56:28 | 013,562,257 | ---- | M] () -- C:\Users\Sigrid\Desktop\mbar-1.01.0.1017.zip
[2013.02.06 17:13:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sigrid\Desktop\OTL (1).exe
[2013.02.06 17:12:22 | 000,000,000 | ---- | M] () -- C:\Users\Sigrid\defogger_reenable
[2013.02.05 22:43:11 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.05 15:04:20 | 000,050,477 | ---- | M] () -- C:\Users\Sigrid\Desktop\Defogger.exe
[2013.02.05 12:10:02 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.05 09:43:36 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.05 09:08:57 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.02.05 08:45:09 | 000,001,066 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013.02.04 23:28:00 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.04 23:27:55 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2013.02.04 23:27:55 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013.02.04 23:27:54 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013.02.04 23:27:53 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll
[2013.02.04 23:27:52 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll
[2013.02.03 10:44:06 | 000,000,336 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForSigrid.job
[2013.02.01 17:14:10 | 000,000,000 | RHS- | M] () -- C:\windows\SysWow64\drivers\103C_HP_bNB_ProBook 4530s_Y5336AN_0U_QCNU1353DZQ_E636603-A42_4A_I167C_SHP_V22.1A_B68SRR F.09_T110513_W748-1_L407_M4031_J500_7Intel_86A7_92.30_#110503_N10EC8168;168C002B_(LH297EA#ABD)_XMOBILE_CN10_Z_2A0001D02.MRK
[2013.02.01 17:14:10 | 000,000,000 | RHS- | M] () -- C:\windows\SysNative\drivers\103C_HP_bNB_ProBook 4530s_Y5336AN_0U_QCNU1353DZQ_E636603-A42_4A_I167C_SHP_V22.1A_B68SRR F.09_T110513_W748-1_L407_M4031_J500_7Intel_86A7_92.30_#110503_N10EC8168;168C002B_(LH297EA#ABD)_XMOBILE_CN10_Z_2A0001D02.MRK
[2013.01.31 20:06:14 | 000,002,331 | ---- | M] () -- C:\Users\Sigrid\Desktop\Google Chrome.lnk
[2013.01.29 17:08:04 | 000,000,344 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForSIGRID-HP$.job
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.02.11 12:17:52 | 000,587,659 | ---- | C] () -- C:\Users\Sigrid\Desktop\adwcleaner.exe
[2013.02.11 10:47:23 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013.02.11 10:47:23 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013.02.11 10:47:23 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013.02.11 10:47:23 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013.02.11 10:47:23 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013.02.11 09:26:49 | 000,048,216 | ---- | C] () -- C:\Users\Sigrid\Desktop\unseren_augen_verborgen.pdf
[2013.02.08 20:20:26 | 000,000,512 | ---- | C] () -- C:\Users\Sigrid\Desktop\MBR.dat
[2013.02.08 16:22:36 | 000,365,568 | ---- | C] () -- C:\Users\Sigrid\Desktop\gmer_2.0.18454.exe
[2013.02.07 17:55:33 | 013,562,257 | ---- | C] () -- C:\Users\Sigrid\Desktop\mbar-1.01.0.1017.zip
[2013.02.06 17:12:22 | 000,000,000 | ---- | C] () -- C:\Users\Sigrid\defogger_reenable
[2013.02.05 22:43:11 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.05 15:04:17 | 000,050,477 | ---- | C] () -- C:\Users\Sigrid\Desktop\Defogger.exe
[2013.02.05 12:10:02 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.05 09:43:36 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.05 09:08:57 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.02.05 08:45:09 | 000,001,066 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013.02.05 08:45:09 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2013.01.29 13:38:02 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.03.09 14:35:09 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.02.24 15:47:04 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2012.02.24 15:47:04 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2012.02.22 01:24:14 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign
[2011.11.10 15:02:22 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2011.11.10 15:02:20 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2011.11.10 15:02:18 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2011.11.04 06:50:24 | 000,000,419 | ---- | C] () -- C:\windows\ODBC.INI
[2011.11.04 06:50:24 | 000,000,210 | ---- | C] () -- C:\windows\ODBCINST.INI
[2011.10.21 21:37:43 | 000,007,597 | ---- | C] () -- C:\Users\Sigrid\AppData\Local\resmon.resmoncfg
[2011.10.12 14:47:54 | 000,012,288 | ---- | C] () -- C:\Users\Sigrid\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.27 19:20:59 | 000,554,496 | ---- | C] () -- C:\windows\SysWow64\dvmsg.dll
[2011.09.27 16:28:49 | 000,000,432 | ---- | C] () -- C:\windows\BRWMARK.INI
[2011.09.27 16:28:49 | 000,000,034 | ---- | C] () -- C:\windows\SysWow64\BD2030.DAT
[2011.09.16 10:54:44 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011.09.16 10:54:44 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011.09.16 10:54:44 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011.09.16 10:54:44 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2011.09.05 08:57:34 | 000,366,136 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2011.09.04 14:04:01 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfdbga.sys
[2011.09.04 13:52:36 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.09.04 13:49:48 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2011.09.04 13:48:47 | 000,025,984 | ---- | C] () -- C:\windows\snuvcdsm.exe
[2011.09.04 13:48:47 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2011.08.30 10:08:54 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\HPUsageTrackingSDK.exe.hpsign
[2011.08.30 10:08:52 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\CogHPUsageTrackingReport.dll.hpsign
[2011.08.30 10:08:48 | 000,021,840 | ---- | C] () -- C:\windows\SysWow64\CogHPUsageTrackingReport.dll
[2011.08.24 14:55:30 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2011.08.24 14:30:30 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign
[2011.05.30 20:58:34 | 000,185,168 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll
[2011.05.30 20:58:34 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll.hpsign
[2011.05.03 19:44:05 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfccea.sys
[2011.05.03 19:19:46 | 000,003,120 | ---- | C] () -- C:\windows\SysWow64\drivers\wdfccdc.sys
[2011.05.03 18:49:07 | 001,594,122 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.03.28 20:10:12 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
[2011.03.17 18:05:12 | 000,003,914 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011.02.25 23:32:12 | 000,012,144 | ---- | C] () -- C:\windows\HPun2430Version.dll
[2011.02.21 09:37:16 | 000,038,224 | ---- | C] () -- C:\windows\SysWow64\CoHpCasl.exe
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Code:
ATTFilter OTL Extras logfile created on: 11.02.2013 12:25:40 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sigrid\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,94 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 47,37% Memory free
7,87 Gb Paging File | 5,34 Gb Available in Paging File | 67,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442,57 Gb Total Space | 362,49 Gb Free Space | 81,91% Space Free | Partition Type: NTFS
Drive E: | 17,90 Gb Total Space | 2,72 Gb Free Space | 15,19% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,12 Gb Free Space | 42,60% Space Free | Partition Type: FAT32
Computer Name: SIGRID-HP | User Name: Sigrid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19850CB9-D072-468F-9F19-7A51CAC6CA8A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3E162A04-A4CB-4DD9-B1FA-21CB20557A6B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{92D21149-C10A-48CF-A1AA-4271503E5AFB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A4522E36-05CF-4099-B431-21A021329DDD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DBF3722-E668-452C-9C25-D43FB1ADACE7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{13C5E228-2EE3-4F21-BEAE-B06A0CE11F12}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{20EA26EF-1884-46B7-9481-39CF6B7A9A97}" = protocol=17 | dir=in | app=c:\program files (x86)\a1\a1 webassistent\a1breitband.exe |
"{297B61F5-3E51-40D9-99B2-CDAA649F9FF1}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{378F5AE0-29BE-4FB1-A025-622573ED7744}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3F0AC9E2-C588-4500-9294-EEE86A35ADF3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{48ED2D7E-DD5A-4D88-A03B-A11A4CE877B5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5171C3C2-172A-4F2F-A788-06A321D31B56}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{57E8F132-15BD-431A-9BAA-1146B838C928}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{59CD49BA-0989-4048-B260-51604FA0593D}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{5D4D9A57-BD4C-44E4-BEF4-AA031320437D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6BF5ED7F-5CA3-467E-BBC5-F5F2E6788874}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe |
"{8D16E8B9-D64E-4A14-BA02-8B46A966D1E8}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8ED94668-C5DE-4616-8750-B98B4A2A6B58}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{95A344D3-1429-470D-B4CA-229884D51356}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{9EFD2F86-2FFC-4C49-A085-60D3171A2140}" = protocol=6 | dir=in | app=c:\program files (x86)\a1\a1 webassistent\a1breitband.exe |
"{A4FFD0DA-718E-4E5C-8B2A-C5FA5F6FCE95}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\devicesetup.exe |
"{AF338039-A379-4990-B285-CA1D7A670766}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CC0A0ABE-5B68-4A8A-85CF-8C8F46D846CD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D4A8C3C8-98E0-42E1-AACD-C7E83F189836}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{E959D829-80FE-48EF-BD51-4B3A90BC0B05}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{F124DF39-7C8D-4009-8140-CD46127956C0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F188D9B5-C7AE-45DE-B9DD-995DC0669C0D}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"TCP Query User{91BEFA86-87DF-4B4A-9F2F-50E90DC1C36C}C:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe |
"TCP Query User{E56F9F8C-9300-480C-A150-D192D4C366F2}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{F1045235-4AF1-4D85-A27C-722DBFDC5B7B}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3B46DABF-7FA5-4177-9B85-BF612FEE239C}C:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea sports\fifa 11 demo\game\fifa.exe |
"UDP Query User{640A4423-226C-4E09-8FBF-51D23A623DB3}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{CC10F49D-45F9-4749-99AC-51C58A30B99B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{555ECC75-AB3B-6434-8900-2BBA4F91F107}" = ccc-utility64
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63E42DE7-C468-31B0-E373-173C67C87B88}" = ATI Catalyst Install Manager
"{65C1BEAD-B50B-498C-BB6B-CDE4F30584B1}" = HP 3D DriveGuard
"{697E5298-CF76-43A3-AC9D-6AE2FA0F2B43}" = Validity Fingerprint Sensor Driver
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A25B75A1-D9B5-43FC-86F7-6E85DC5AB37E}" = Studie zur Verbesserung von HP Photosmart 5510 series Produkten
"{AB6268C0-EDA4-46C3-8A1C-11D86A5A8E93}" = HP Photosmart 5510 series - Grundlegende Software für das Gerät
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B617B439-87A2-4109-94A6-BD768B259F83}" = HP ProtectTools Security Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D9355D03-2C06-401B-8A16-F6500379AE21}" = HP Power Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}" = WMV9/VC-1 Video Playback
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"CCleaner" = CCleaner
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08F10409-00BB-8843-4813-37FDDD972CB1}" = CCC Help Chinese Standard
"{08FB6F00-7D8D-5474-B70D-607638405BEB}" = CCC Help Korean
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{12379137-5A34-8311-A00C-4571E468F507}" = CCC Help Polish
"{1392513C-F92A-2893-E263-071E943CB4B8}" = Catalyst Control Center InstallProxy
"{1529490E-DC67-A7DA-E7FE-789B929E67F0}" = CCC Help Norwegian
"{18F4179A-385F-40EE-AE2D-FA0E1BE62753}" = HP Software Framework
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2E07A6AE-C2EC-05DB-8344-B562E5D9E341}" = CCC Help Swedish
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}" = HP SoftPaq Download Manager
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E918CE9-BDA6-282D-0E19-E11DF8004ABE}" = CCC Help Thai
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{4441B01C-0AF2-6EE7-CDB3-AD0DB41E7147}" = CCC Help Hungarian
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{668643A5-48DD-B0E9-62E1-1FDA18D54F66}" = CCC Help Finnish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69EA3784-E961-76A2-6C11-7B83AA50E56A}" = CCC Help Czech
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}" = HP Documentation
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}" = HP QuickWeb
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71543470-E3F8-6A06-08C8-783CD286D2BA}" = CCC Help German
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{737DCE46-824C-40BA-8776-81D9D1DB04AB}" = Catalyst Control Center - Branding
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{76BAC71B-00A7-BBFA-5DAE-EEB0DF9F4098}" = CCC Help English
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A6B4340-7090-418F-8976-EE9650B35550}" = HP Connection Manager
"{7CF1347C-61F6-C495-127C-912FD6CB432D}" = CCC Help Japanese
"{801EAD7A-7202-4BE4-84A1-299202AD17C0}" = HP ESU for Microsoft Windows 7
"{80C45B94-2BA0-8E23-95A7-8A9FCD836EFD}" = PX Profile Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85BE1D9F-FC67-E84E-F73A-BC7125E3B717}" = CCC Help Portuguese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.2.0.10
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A1EFCBD2-B171-E24D-FAD2-4E711A312DEF}" = CCC Help Danish
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB9F8790-4ECB-1BFA-1B80-21DCD40664C3}" = CCC Help Greek
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{AE6BF609-EF6A-8764-85EE-6CC65602D88E}" = CCC Help Chinese Traditional
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B26B64E8-DB83-7904-2DF9-F92A7ABC14D9}" = Catalyst Control Center Localization All
"{B3E31950-C92F-BCD9-963D-A520887A262A}" = CCC Help Turkish
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BE211EBE-AC92-515C-D122-A9DD0BC9FFA9}" = Catalyst Control Center
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C6CD49BC-E6A5-F247-0489-F3188F300A8E}" = Catalyst Control Center Profiles Mobile
"{C7C60D93-E5B7-82D7-44A4-E3EE404B56A3}" = CCC Help Dutch
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBD548E9-E421-7B51-5732-2F63B37589E2}" = CCC Help French
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2131BFA-A0D6-4FDE-8614-75B07A9B15EE}" = Windows Live UX Platform Language Pack
"{D2A2E5CD-801A-4B8D-8119-F79449A09B67}" = HP System Default Settings
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7922D23-642E-0649-A3C9-38F9E0FA263E}" = CCC Help Russian
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{DF63FA79-75AE-45D6-715E-81E92F134702}" = CCC Help Italian
"{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}" = HP Photosmart 5510 series Hilfe
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2531547-0789-690E-9F12-3EDBDBC64DA8}" = CCC Help Spanish
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F07E6C5F-6AE1-72B3-8659-08E2ABB86DF8}" = Catalyst Control Center Graphics Previews Common
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aonInternetschutz.3" = A1 Internetschutz 2.0.69
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ImgBurn" = ImgBurn
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"PDF Complete" = PDF Complete Special Edition
"Picasa 3" = Picasa 3
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"VIP Access SDK" = VIP Access SDK (1.0.1.5)
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4157386011-1825002390-482303840-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.02.2013 02:50:04 | Computer Name = Sigrid-HP | Source = Windows Search Service | ID = 3029
Description =
Error - 11.02.2013 02:50:14 | Computer Name = Sigrid-HP | Source = Windows Search Service | ID = 3029
Description =
Error - 11.02.2013 02:50:14 | Computer Name = Sigrid-HP | Source = Windows Search Service | ID = 3028
Description =
Error - 11.02.2013 02:50:14 | Computer Name = Sigrid-HP | Source = Windows Search Service | ID = 3058
Description =
Error - 11.02.2013 02:50:14 | Computer Name = Sigrid-HP | Source = Windows Search Service | ID = 7010
Description =
Error - 11.02.2013 02:51:00 | Computer Name = Sigrid-HP | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x80070015.
Error - 11.02.2013 04:41:36 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 11.02.2013 05:58:49 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 11.02.2013 05:58:49 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 11.02.2013 07:19:46 | Computer Name = Sigrid-HP | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
[ Hewlett-Packard Events ]
Error - 22.06.2012 09:09:55 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 22.06.2012 09:14:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 22.06.2012 09:16:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 22.06.2012 09:24:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 22.06.2012 09:30:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 22.06.2012 09:36:04 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Der
Objektverweis wurde nicht auf eine Objektinstanz festgelegt. StackTrace: bei HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
bei HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
bei HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 4030 Ram Utilization: 60 TargetSite: Void closeConnection()
Error - 23.06.2012 14:57:06 | Computer Name = Sigrid-HP | Source = HPSFMsgr.exe | ID = 2000
Description =
Error - 29.06.2012 04:42:40 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 29.06.2012 04:51:24 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 26.08.2012 10:23:50 | Computer Name = Sigrid-HP | Source = HPSF.exe | ID = 4000
Description =
[ HP Connection Manager Events ]
Error - 10.02.2013 08:05:53 | Computer Name = Sigrid-HP | Source = hpMobile | ID = 5
Description = 2013.02.10 13:05:53.223|00000500|Error |[HP.Mobile]Wwan::<InternalIPAddressChangedEx>b__21{void()}|
Error - 10.02.2013 08:12:47 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/10 13:12:47.080|00001A9C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 10.02.2013 13:52:11 | Computer Name = Sigrid-HP | Source = hpMobile | ID = 5
Description = 2013.02.10 18:52:11.755|00000EF8|Error |[HP.Mobile]Wwan::<InternalIPAddressChangedEx>b__21{void()}|Fehler
beim Laden des Anbieters
Error - 10.02.2013 13:52:11 | Computer Name = Sigrid-HP | Source = hpMobile | ID = 5
Description = 2013.02.10 18:52:11.755|00001F78|Error |[HP.Mobile]Wwan::<InternalIPAddressChangedEx>b__21{void()}|
Error - 10.02.2013 19:02:18 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/11 00:02:18.194|000016C0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 10.02.2013 19:02:26 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/11 00:02:26.072|000016C0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 11.02.2013 04:41:45 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/11 09:41:45.290|00000E04|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 11.02.2013 05:58:56 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/11 10:58:56.259|00001780|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 11.02.2013 07:20:18 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/11 12:20:18.796|0000198C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 11.02.2013 07:20:37 | Computer Name = Sigrid-HP | Source = hpCMSrv | ID = 5
Description = 2013/02/11 12:20:37.703|0000198C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
[ HP Power Assistant Events ]
Error - 24.11.2012 08:43:30 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 16.12.2012 06:22:27 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 102UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 22.12.2012 03:39:01 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Fensterthread der Systemereignisse konnte nicht erstellt werden.
Error - 22.12.2012 15:18:31 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 27.12.2012 12:39:49 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 102UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 28.12.2012 17:03:47 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 28.12.2012 17:03:47 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 04.01.2013 15:18:12 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 11.01.2013 15:00:33 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
Error - 11.01.2013 15:00:34 | Computer Name = Sigrid-HP | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Level value needs to be an integer between 0 and 100, got 101UpdateBatteryPredictions()
has bad values. Check PMCCapabilities.XML and PMCData.XML if in emulation mode
[ HP Software Framework Events ]
Error - 23.12.2012 18:25:46 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.23 23:25:46.332|00001900|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 24.12.2012 09:53:36 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.24 14:53:36.304|00000304|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 24.12.2012 09:53:36 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.24 14:53:36.492|00000304|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Der Objektverweis wurde
nicht auf eine Objektinstanz festgelegt.
Error - 26.12.2012 08:12:09 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.26 13:12:09.701|00001B4C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 26.12.2012 08:12:09 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2012.12.26 13:12:09.795|00001B4C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Der Objektverweis wurde
nicht auf eine Objektinstanz festgelegt.
Error - 25.01.2013 20:35:49 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2013.01.26 01:35:49.392|000016D0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 25.01.2013 20:35:49 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2013.01.26 01:35:49.626|000016D0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Der Objektverweis wurde
nicht auf eine Objektinstanz festgelegt.
Error - 29.01.2013 08:55:32 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2013.01.29 13:55:32.363|00000A9C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 11.02.2013 04:41:54 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2013.02.11 09:41:53.916|00000E2C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Der Objektverweis wurde nicht auf
eine Objektinstanz festgelegt.
Error - 11.02.2013 04:41:54 | Computer Name = Sigrid-HP | Source = CaslSmBios | ID = 5
Description = 2013.02.11 09:41:54.166|00000E2C|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Der Objektverweis wurde
nicht auf eine Objektinstanz festgelegt.
[ OSession Events ]
Error - 13.10.2011 03:59:50 | Computer Name = Sigrid-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 335
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 11.02.2013 06:01:04 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10016
Description =
Error - 11.02.2013 06:04:53 | Computer Name = Sigrid-HP | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error - 11.02.2013 06:18:55 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10010
Description =
Error - 11.02.2013 06:19:27 | Computer Name = Sigrid-HP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 11.02.2013 06:19:32 | Computer Name = Sigrid-HP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 11.02.2013 06:21:21 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10016
Description =
Error - 11.02.2013 07:20:33 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10010
Description =
Error - 11.02.2013 07:21:10 | Computer Name = Sigrid-HP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 11.02.2013 07:21:15 | Computer Name = Sigrid-HP | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 11.02.2013 07:23:33 | Computer Name = Sigrid-HP | Source = DCOM | ID = 10016
Description =
< End of report >
|
|
11.02.2013, 13:48
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefundenFixen mit OTL
Code:
ATTFilter :OTL
IE - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\..\SearchScopes\{CFC3649F-BDE7-4CBE-BCE3-D8D98D1ACD5A}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=9432544508284016&q={searchTerms}
FF - prefs.js..browser.search.selectedEngine: "Arccosine"
FF - prefs.js..keyword.URL: "http://www.arccosine.com/search.php?q="
FF - user.js - File not found
:Files
C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.02.2013, 14:06
| #14 |
| | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden so, nun hier der otl-file Code:
ATTFilter All processes killed
Error: Unable to interpret <:OTL IE - HKU\S-1-5-21-4157386011-1825002390-482303840-1001\..\SearchScopes\{CFC3649F-BDE7-4CBE-BCE3-D8D98D1ACD5A}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=9432544508284016&q={searchTerms} FF - prefs.js..browser.search.selectedEngine: "Arccosine" FF - prefs.js..keyword.URL: "hxxp://www.arccosine.com/search.php?q=" FF - user.js - File not found :Files C:\PROGRAM FILES (X86)\SEARCH RESULTS TOOLBAR ipconfig /flushdns /c :Commands [purity] [emptytemp] [resethosts]> in the current context!
OTL by OldTimer - Version 3.2.69.0 log created on 02112013_140032
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
11.02.2013, 14:30
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden Fixlog ist unvollständig...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu GoogleChrome hängt dauernd - PUP.AdBundle und PUP.OfferBundler gefunden |
| 7-zip, autorun, bho, bonjour, clipgrab, eigenartig, error, excel, failed, fehler, firefox, flash player, format, google, helper, hängen, hängt, igdpmd64.sys, install.exe, installation, intranet, office 2007, olympus, plug-in, popup, realtek, registry, rundll, search results toolbar, secunia psi, security, software, systemereignisse, updates, virus, wlan |
Textbox. 
Linear-Darstellung
